CyberGuard Agent - SIEM Log Collector
Custom C-based agent for log collection and forwarding to SIEM platforms, developed during NCCS internship.
View on GitHub →Project Overview
CyberGuard Agent is a lightweight, high-performance SIEM agent developed during my internship at the National Center of Cyber Security (NCCS). It handles automated log collection, network scanning, and security event forwarding.
Key Features
- Log Collection: Multi-source log aggregation from system, application, and security logs
- Real-Time Forwarding: Stream events to Wazuh and other SIEM platforms
- Network Scanning: Built-in network discovery and port scanning
- Event Correlation: Basic event correlation for alert generation
- Low Footprint: Minimal resource usage suitable for production environments
Integration
- Wazuh SIEM integration
- Syslog forwarding
- Custom alert rules
- JSON and CEF output formats
Built during NCCS internship - demonstrates real-world enterprise security development.