So I’m trying to build some practical experience for SIEM. The problem is that I don’t have very powerful machine. I have a dell inspiron(8GB RAM and 4 i3 cores). So I can’t think of running a VM (because my system could not handle it), and I’m not rich enough to afford cloud instances. So my question is - Is it a good idea to setup entire graylog architecture (that includes graylog, elastic search, sending logs from my local system to SIEM and anything that is major to run graylog) on one single machine? Specifically my machine.

Originally posted by u/priyanshu120 on Reddit.com/r/homelab

beep boop I’m a bot to seed discussions from Reddit. Upvote or downvote posts like normal, discuss the topics here as well!

If you see an issue with this post, such as no content or links broken or other issues, please report the post.