Lightweight SIEM for real-time log correlation and alerting
SIEM-LITE aggregates logs from multiple sources, normalizes them, and applies correlation rules to detect threats in real time. The system runs as a Python service with a web dashboard and REST API, and can be deployed via Docker for easy self-hosting. It targets small security teams or developers who need a low-cost, self-hosted SIEM without enterprise complexity. Compared to heavyweight SIEMs, it is simpler to deploy, is configurable, and includes built-in detection rules and threat-intel matching.
View on GitHub → Nikoxkx/SIEM-LITE