I am studying for my Network+ and my Sec+ hoping to shadow our Cyber Sec guy at work.
I want to set up a SIEM on my home network so I can be used to its operations and how it works by the time I start messing with Pentesting stuff. Then I’m going to use it to try and track myself when I pentest myself.
I was looking into Graylog or Security Onion since they seem to have decent documentation (and I can find videos on how to set them up which is nice).
I was recommended building my own ELK stack and doing everything manually for maximum learning potential. I understand why this is a good idea, but I think I’d rather be as close to “baby’s first SIEM” as possible or at least have a robust how-to guide.
What do you suggest?


Thanks! I’m still on reddit brain.