Hi ​@Marcel.K -

If memory serves, the only one I’m aware of for private cloud option is Fortinet. Not sure how ‘mature’ they are. We tried them out for a little bit for a POC but decided to go with Splunk. My Security Admin tested out a few (Elastic was our 3rd option..but, like Splunk, are Public Cloud-based).

Best.

Splunk is a great one which we use for this.  Also having the app for Veeam is great.

Yeah, but Splunk is Public Cloud I believe...not private?

Nope we use it on premise no cloud.  😉

Maybe https://wazuh.com/ is an option for you. I saw an article from Ian Engelbrecht about it with VBR integration. Still have it on my things to check/do list..

https://www.mritsurgeon.co.za/2024/01/orchestrating-cybersecurity-resilience.html

 Best, Markus

YAY!...I learned something new today 😂 Thanks Chris! ha

Yeah Wazuh is a pretty good one.  Steep learning curve I found though and not very intuitive.

I would recommend Splunk or Qradar. I remember that Qradar supports local threat-analysis and it integrates with Veeam. 

Hello coolsport00, Chris.Childerhose, teha, Dynamic,

thank you very much for you answers.

I will try Splunk and Qradar and i will look on Wazuh, as they could be setup in isolated environment and integration with Veeam is good feature for them.