Vigil SIEM

The main dashboard
The events page

Inspiration

The ideation of Vigil was heavily inspired by a majority of the group’s background in cybersecurity; thus, we wanted to offer the internet a Security Information and Event Management (SIEM) that’s easy to build and attach to any deployed website, with any additional configurations to best suit a user’s needs.

What it does

This security dashboard ingests logs from the backend FastAPI endpoint to a connected, deployed website. From there, the SIEM performs any additional parsing (e.g., log severity, source IP, URI) and then outputs the new logs to the frontend.

Additional features include an AI voice agent (using ElevenLabs), an AI chatbot, and Mailgun services (Email notifications).

This can alternatively all be tested with a local dummy-site we added to the repo, and an additional buildable Next.js website that we test deployed onto Vercel.

How we built it

We used Next.js for the designs, Python FastAPI for connectivity in the backend and log parsing, and SQLite for local database management. Additionally, to connect the SIEM to a deployed website, we used a middleware proxy and Localtunnel for passing Apache logs from the website to Vigil’s backend endpoint.

Challenges we ran into

A big issue we had to solve was finding a way to make the SIEM easily integrable into most deployed websites (given the website already produces Apache HTTP logs). This problem provided us with a lot of education regarding the cybersecurity industry on standards and common practices from other industry professionals. Many of the frontend features (dashboard, events, alerts) and log parsing are common practices that we learned along the way.

Accomplishments that we’re proud of

For the parsing, we used a Python library to aid in log parsing into standardized, structured events utilizing Grok patterns. We’re also proud of the SIEM design and its ease of connectivity to any deployed website!

What’s next for Vigil SIEM

Although the bulk of the SIEM is complete, Vigil has a few minor quality-of-life updates (i.e., more UI themes, customized log dashboard displays, and more)!