Article’s

Security Information and Event Management (SIEM) systems play a crucial role in modern cybersecurity by enabling centralized log analysis, threat detection, and incident response. However, many existing SIEM solutions are complex, resource-intensive, and costly, making them less suitable for academic environments and small-scale deployments. This paper presents SIEM Secure, a lightweight, web- based SIEM framework designed to provide secure authentication, real-time log analysis, rule- based threat detection, and interactive visualization through an intuitive dashboard. The proposed system adopts a three-layer architecture comprising data, processing, and presentation layers. It supports both local and remote log collection, where logs are parsed and normalized to extract key attributes such as timestamp, IP address, username, and event type. A rule-based detection engine is implemented to identify common security threats, including brute- force login attempts, suspicious access patterns, and unauthorized activities. Detected events are classified into severity levels and stored in structured JSON databases for efficient management. The system integrates role-based authentication with SHA-256 password hashing, account lockout mechanisms, and audit logging to enhance security. Alerts generated during analysis are visualized using interactive charts and tables, enabling users to monitor system activity effectively. Additionally, a notification module provides real-time dashboard alerts and email notifications for critical incidents using SMTP configuration. Experimental evaluation demonstrates that SIEM Secure effectively detects simulated attack patterns and provides meaningful insights through visualization. The proposed framework offers a practical, scalable, and user-friendly solution for security monitoring, particularly suitable for educational purposes and small to medium-scale environments.