βββββββββββββββββββββββ ββββ
ββββββββββββββββββββββββ βββββ
βββββββββββββββββ βββββββββββ
βββββββββββββββββ βββββββββββ
ββββββββββββββββββββββ βββ βββ
ββββββββββββββββββββββ βββDemo & Preview
docker compose up -d β localhost:8431Dashboard Β· Log Viewer Β· Alert Investigation Β· Correlation Rules Β· Attack Scenarios Β· User Management
Real-time event counters, severity breakdown by donut chart, event timeline, and top source IP ranking
Paginated event stream filterable by source, severity, and event type with timestamp correlation
Correlated alert drill-down with matched event timeline and lifecycle controls β Acknowledge, Investigate, Resolve, False Positive
Threshold, Sequence, and Aggregation rule types with inline JSON condition editing and severity classification
Four MITRE ATT&CK mapped playbooks generating realistic multi-stage events β brute force with lateral movement, DNS tunneling exfiltration, phishing to C2 beaconing, privilege escalation with persistence
Role-based access control with Admin and Analyst roles, account provisioning, and status management





