
1. About

Lorena Goldoni edited this page Feb 24, 2023 · 5 revisions

About BuffaLogs

BuffaLogs is a Linux-based security tool that makes log data easier to analyze. It sends alerts when a user logs into the system with a new device or from a new country, or when an impossible travel has been detected.

It uses Elastic SIEM for security monitoring, threat hunting and threat identification. Using Docker means you do not have to configure all the necessary tools locally, which makes BuffaLogs more user-friendly.

BuffaLogs provides an effective view of the system thanks to the straightforward dashboard and a designated Users page to check the log details.