SIEM Practice Lab (GCP)
A fully automated Security Information and Event Management (SIEM) and log management lab environment deployed on GCP. It uses Terraform to provision Compute Engine VMs and networks, and Ansible to configure Graylog 5.2 (2-node cluster), Splunk Enterprise 9.2, Zabbix 6.4 (monitoring), and Zammad (ticketing). A native Google Cloud DNS sync script runs on boot and from a 5-minute cron job, automatically keeping the splunk, graylog, monitor, and ticket subdomains of akhilkarwal.com in sync with the ephemeral external IPs.
Technologies Used: GCP, Terraform, Ansible, Splunk, Graylog, Zabbix, Zammad, Rsyslog, Python