In the previous article we embedded a local Ollama model directly into the Wazuh Dashboard chat via ML Commons. That approach provides full control over data with no cloud dependencies. In this series we take a parallel path: using AWS Bedrock - specifically Claude Sonnet 4.5 - as the inference backend, while all security data stays strictly within the local Docker network.
[Read More]In the cybersecurity world, SOC specialists deal with massive streams of security events daily. Analyzing each alert requires deep knowledge, experience, and time. That’s why I created a specialized language model to assist security analysts in their day-to-day operations.
[Read More]Picture this: you’re staring at security logs with thousands of events streaming in daily. Which ones are actually dangerous? Which can you safely ignore? Traditional signature-based detection is like playing whack-a-mole with cybercriminals - they’ve gotten really good at dodging known signatures faster than we can create them.
[Read More]Related Reading:
For local RAG development, ensure you have the following requirements:
[Read More]Retrieval-Augmented Generation (RAG) is a method that allows the use of information from various sources to generate more accurate and useful responses to questions.
[Read More]Related: Check out our Wazuh LLM fine-tuned model for specialized security event analysis.
[Read More]Wazuh offers vast and nearly limitless possibilities for integration with various systems. Even if a specific feature is missing, you can always create your own custom integration.
[Read More]Now it’s time to set up Wazuh, which we will integrate with Ollama.
[Read More]Senior Site Reliability Engineer with 14+ years building, scaling, and maintaining critical infrastructure across diverse technology environments.
[Read More]