CEP-based SIEM System
For any business, monitoring and catching security events is extremely important to maintaining a sustainable product and/or service. As the business scales up, the number of events in the system grows exponentially and quickly exhausts memory, so malicious actions must be detected automatically by analysing incoming events in real time.
In this report we present a Security Information and Event Management (SIEM) software package built around a state-of-the-art paradigm called Complex Event Processing (CEP). It captures potential attacks against the system and/or the users in the system and alerts the system administrators. The detected attacks include brute-force and dictionary attacks, mass port scanning, and user-base scans.
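As an added illustration (not code from the report), the sliding-window correlation a CEP rule engine applies to raw events to raise the alerts named above; the event format, rule thresholds and sample events are all assumptions constructed here:

```python
from collections import defaultdict, deque

# Constructed sample events, assumed format: (unix_ts, event_type, src_ip, target).
# For login events target is the username; for conn events it is the dst port.
SAMPLE_EVENTS = [
    (0, "login_fail", "10.0.0.5", "alice"),
    (2, "login_fail", "10.0.0.5", "alice"),
    (4, "login_fail", "10.0.0.5", "alice"),
    (6, "login_fail", "10.0.0.5", "alice"),
    (8, "login_fail", "10.0.0.5", "alice"),    # 5th failure within 60 s -> brute_force
    (9, "login_ok", "10.0.0.5", "alice"),
    (10, "login_fail", "10.0.0.7", "bob"),
    (200, "login_fail", "10.0.0.7", "bob"),    # only 2 failures, 190 s apart -> no alert
] + [(20 + i, "conn", "10.0.0.9", str(p)) for i, p in enumerate(range(1, 12))]
# 11 distinct destination ports from 10.0.0.9 within 11 s -> port_scan

class Rule:
    """`threshold` events of `event_type` from one source within `window` seconds.
    With distinct=True the count is over distinct target values (ports, usernames)."""
    def __init__(self, name, event_type, threshold, window, distinct=False):
        self.name, self.event_type = name, event_type
        self.threshold, self.window, self.distinct = threshold, window, distinct

class CepEngine:
    def __init__(self, rules):
        self.rules = rules
        self.state = defaultdict(deque)   # (rule name, src_ip) -> deque of (ts, target)

    def process(self, event):
        ts, etype, src, target = event
        alerts = []
        for rule in self.rules:
            if etype != rule.event_type:
                continue
            win = self.state[(rule.name, src)]
            win.append((ts, target))
            while win and ts - win[0][0] > rule.window:   # evict events outside the window
                win.popleft()
            count = len({t for _, t in win}) if rule.distinct else len(win)
            if count >= rule.threshold:
                alerts.append(f"{rule.name}: src={src} count={count} within {rule.window}s")
                win.clear()   # reset so one burst produces a single alert
        return alerts

    def run(self, events):
        return [a for ev in sorted(events) for a in self.process(ev)]

# Assumed rule set: brute force / dictionary attack, port scan, user-base enumeration.
RULES = [Rule("brute_force", "login_fail", threshold=5, window=60),
         Rule("port_scan", "conn", threshold=10, window=30, distinct=True),
         Rule("user_enum", "login_fail", threshold=5, window=60, distinct=True)]

def detect(events=SAMPLE_EVENTS):
    return CepEngine(RULES).run(events)
```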