# Looking for simple SIEM/monitoring/report tool for home use.



## ekingston (Sep 28, 2017)

At work we have all sorts of tools that look at logs, monitor our systems, and generate graphs and reports about the health of our systems and network(s). I'm wondering if there is something that is very simple to set-up that would be suitable for a home network. Any suggestions?

In more detail:

For the last 20 years, I've relied mostly on the built-in FreeBSD periodic reports to watch the health of my home server. It is all I needed originally. The daily/weekly reports are still good enough to watch for problems on that server but now my home network has gotten a lot more complicated.

I've now got 2 FreeBSD system at home. The "server" and a development/test system (actually the hardware of the previous server). But I've also gone from having a desktop and server to having desktop, tablet, phone, streaming media player, networked PVR, personal laptop and work laptop all talking to my home network. This is much more complicated and much harder to track down when weird things start happening at the network layer.

I'm thinking I need better monitoring. I would like to be able to analyse network traffic and see what is taking to what. How much traffic is being used (and at what times) by which device.

But also, It would be nice to be able to have something that can give me health checks on the desktop (somewhat like the freebsd weekly report). Except the desktop is Windows 10. I'm sure I can get something that will extract the Window event logs and pass them to the monitoring system for analysis. But what do I use for analysis?

I envision something with a high level dashboard that offers drill-down to detail.

Is there anything like this on the ports? Would I need multiple tools?

Personally, I don't need alerting. I don't even need email reports. I would like a web interface.

I would like something with enough brains to work out "normal" that will highlight unusual (like if an IoT device gets hacked). I would also like something that already understand most of the common logs and doesn't need a huge amount of tuning to start.

I already know I'm going to need to replace my home firewall/router. The last firmware upgrade got rid of SNMP and it never supported remote syslog.


----------



## SirDice (Sep 29, 2017)

ekingston said:


> At work we have all sorts of tools that look at logs, monitor our systems, and generate graphs and reports about the health of our systems and network(s). I'm wondering if there is something that is very simple to set-up that would be suitable for a home network. Any suggestions?


Munin is quite popular. Fairly easy to set up and use. Personally I'm a big fan of Zabbix but that's a bit overkill for a handful of machines.

sysutils/munin-master
sysutils/munin-node

net-mgmt/zabbix32-server
net-mgmt/zabbix32-agent
net-mgmt/zabbix32-frontend
For Zabbix, 2.2, 2.4 and 3.0 are also available.


----------

