ELK SIEM with Cloudflare Zero Trust


A full-stack Security Information and Event Management (SIEM) platform that processes 1,500+ security events, detects threats and visualizes attack patterns in real time. The system runs containerized on Docker and is publicly accessible via Cloudflare Tunnel without exposing any inbound ports.

Tech stack: Elasticsearch 8.5.0, Kibana, Docker, Python, Cloudflare Tunnel, Vega, MITRE ATT&CK

Dashboards

  • Executive Dashboard: KPIs, severity metrics, compliance summaries
  • Analyst View: time-series, geo maps, event drilldown
  • Threat Hunting: Sankey diagrams, anomaly detection

Core Features

  • Python automation for index creation, CSV ingestion, field enrichment
  • MITRE ATT&CK technique mapping for incident classification
  • Custom Vega specs for flow arcs, heatmaps, protocol breakdowns
  • Zero Trust access via Cloudflare Tunnel
  • Bash orchestrator for one-command deployment

Architecture

  • Docker Compose: Elasticsearch, Kibana, Logstash, Cloudflared
  • Structured index with geo_point, IP, timestamp mappings
  • 1,500 events with risk scores, session IDs, bytes transferred
  • Investigation reports with AbuseIPDB & VirusTotal verification

Skills Demonstrated

  • Security Analysis: Threat hunting, log correlation, escalation workflows
  • Data Engineering: ETL pipeline, Elasticsearch optimization
  • Visualization: Kibana Lens, Maps, TSVB, Vega grammar
  • Cloud Networking: Cloudflare Tunnel, Zero Trust routing
  • DevOps: Docker orchestration, automation scripting

Challenges Solved

  • Rebuilt the index with explicit geo_point mappings so that Kibana geo maps could render the location fields
  • Implemented Cloudflare Access for Zero Trust authentication in front of the public demo
  • Fixed Cloudflare caching issues with a cache purge plus Development Mode
  • Enabled public demo via Cloudflare Tunnel without port forwarding
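As an added example (not the project's own script), this shows how the Python index-creation and CSV-ingestion step can declare the geo_point and ip types before the first event is indexed, which is the defect the index rebuild above corrected, and how each row is validated and tagged with an ATT&CK technique on the way in. The index name, field names, ATT&CK lookup table, Elasticsearch URL and sample rows are all assumptions.

```python
import csv
import ipaddress
import json
import urllib.request
from datetime import datetime

ES_URL = "http://localhost:9200"  # assumed: Elasticsearch from the compose stack
INDEX = "siem-events"             # assumed index name
# Explicit mapping: dynamic mapping would store lat/lon as plain floats and src_ip
# as text, which Kibana Maps cannot plot, and a wrongly mapped index must be rebuilt.
MAPPING = {"mappings": {"properties": {
    "@timestamp": {"type": "date"}, "src_ip": {"type": "ip"},
    "src_geo": {"type": "geo_point"}, "risk_score": {"type": "integer"},
    "bytes": {"type": "long"}, "mitre_technique": {"type": "keyword"}}}}
# Assumed enrichment table: event category -> ATT&CK technique id.
MITRE_MAP = {"brute_force": "T1110", "port_scan": "T1046"}

def enrich_row(row):
    """Validate one CSV row and build an ES document; None if unusable."""
    try:
        ipaddress.ip_address(row["src_ip"])            # drop malformed IPs
        lat, lon = float(row["src_lat"]), float(row["src_lon"])
        ts = datetime.fromisoformat(row["timestamp"])  # must carry a UTC offset
    except (KeyError, ValueError):
        return None
    if ts.tzinfo is None or not (-90 <= lat <= 90 and -180 <= lon <= 180):
        return None
    return {"@timestamp": ts.isoformat(), "src_ip": row["src_ip"],
            "src_geo": {"lat": lat, "lon": lon},  # geo_point object form
            "risk_score": int(row.get("risk_score", 0)), "bytes": int(row.get("bytes", 0)),
            "mitre_technique": MITRE_MAP.get(row.get("category"), "unknown")}

def csv_to_bulk(text):
    """Return (_bulk request body, number of accepted events) for CSV text."""
    docs = [d for d in map(enrich_row, csv.DictReader(text.splitlines())) if d]
    lines = [json.dumps(x) for d in docs for x in ({"index": {"_index": INDEX}}, d)]
    return ("\n".join(lines) + "\n") if lines else "", len(docs)

def es_request(method, path, body, ctype="application/json"):
    req = urllib.request.Request(ES_URL + path, data=body.encode(), method=method)
    req.add_header("Content-Type", ctype)
    return urllib.request.urlopen(req).read()
# Constructed sample: the second row carries an invalid IP and is rejected.
SAMPLE_CSV = """timestamp,src_ip,src_lat,src_lon,risk_score,bytes,category
2024-01-05T10:00:00+00:00,203.0.113.7,51.5,-0.12,85,4096,brute_force
2024-01-05T10:01:00+00:00,999.1.1.1,48.85,2.35,10,512,port_scan
"""
if __name__ == "__main__":
    es_request("PUT", f"/{INDEX}", json.dumps(MAPPING))  # mapping before any document
    es_request("POST", "/_bulk", csv_to_bulk(SAMPLE_CSV)[0], "application/x-ndjson")
```

Running it against a fresh index creates the mapping first and then bulk-loads only the rows that pass validation; rejected rows are dropped rather than indexed with a broken location.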

Note

  • This homelab is used as a personal learning environment to explore system administration, networking, automation and monitoring.
  • Some configurations, scripts and dashboards were developed with the assistance of AI-driven tools.
  • All implementations are deployed, tested and understood by me as part of continuous skill development.
  • All projects are for educational purposes only and do not involve any production data or systems.

Home Lab Infrastructure

My personal playground for testing network configurations, virtualization and self-hosted services. I use it to simulate enterprise scenarios and practice system administration skills.

Virtualization Platform

  • Hypervisor: Proxmox VE
  • Multiple VMs for testing & development
  • Network segmentation for security labs
  • Snapshot & backup automation

Virtual Machines

  • Ubuntu
  • CentOS
  • FreeBSD
  • Windows 11
  • Windows Server 2022
  • Kali Linux