MySQL Server Log Monitoring using Wazuh
Real-time detection of failed logins, query errors, and slow queries in MySQL
Overview
Monitor MySQL error, general, and slow query logs with Wazuh.
Forward DB logs from a Linux server to a Wazuh manager.
Add custom rules to detect failed logins and SQL/query issues.
Trigger alerts and visualize trends in Wazuh Dashboards.
Test with deliberate failures and slow operations.
- Real-time DB log collection
- Custom MySQL detection logic
- Alert validation & dashboards
- Tuning for noise reduction
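As an added illustration (not part of this project's course material), the detection logic that the custom Wazuh rules encode, written out in Python and run over constructed MySQL error-log and slow-query-log excerpts: a single "Access denied" event, a repeated-failure rule in the style of Wazuh's frequency/timeframe attributes, and a slow-query threshold. The MySQL 8 error-log layout, the user names, hosts, timestamps and the thresholds (3 failures in 120 s, queries over 5 s) are assumed sample values, and the log is assumed to be in chronological order as a log file is.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
ERROR_LOG = """\
2024-03-01T10:00:01.000000Z 12 [Warning] [Server] Access denied for user 'app'@'10.0.0.5' (using password: YES)
2024-03-01T10:00:02.000000Z 13 [Warning] [Server] Access denied for user 'app'@'10.0.0.5' (using password: YES)
2024-03-01T10:00:03.000000Z 14 [Warning] [Server] Access denied for user 'root'@'10.0.0.5' (using password: NO)
2024-03-01T10:30:00.000000Z 16 [Warning] [Server] Access denied for user 'app'@'10.0.0.9' (using password: YES)
"""  # constructed sample in MySQL 8 error-log layout, not real log data
SLOW_LOG = """\
# User@Host: app[app] @ web1 [10.0.0.7]  Id: 20
# Query_time: 12.345678  Lock_time: 0.000100 Rows_sent: 1  Rows_examined: 5000000
SET timestamp=1709287320;
SELECT * FROM orders WHERE status = 'open';
# User@Host: app[app] @ web1 [10.0.0.7]  Id: 21
# Query_time: 0.050000  Lock_time: 0.000050 Rows_sent: 10  Rows_examined: 10
SET timestamp=1709287380;
SELECT id FROM users LIMIT 10;
"""  # constructed excerpt in the layout MySQL's slow_query_log file uses
FAILED_LOGIN = re.compile(r"^(?P<ts>\S+) \d+ \[Warning\] .*Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)'")

def failed_logins(log):
    """(timestamp, user, host) for every 'Access denied' line: the single-event rule."""
    matches = (FAILED_LOGIN.match(line) for line in log.splitlines())
    return [(datetime.fromisoformat(m["ts"].replace("Z", "+00:00")), m["user"], m["host"])
            for m in matches if m]

def brute_force_sources(log, frequency=3, timeframe=120):
    """Hosts with >= frequency failures inside timeframe seconds (Wazuh's frequency/timeframe idea)."""
    by_host = defaultdict(list)
    for ts, _user, host in failed_logins(log):
        by_host[host].append(ts)
    window = timedelta(seconds=timeframe)
    return sorted(host for host, t in by_host.items()
                  if any(t[i + frequency - 1] - t[i] <= window
                         for i in range(len(t) - frequency + 1)))

def slow_queries(log, threshold=5.0):
    """(query_time, user, statement) for single-line statements slower than threshold seconds."""
    out, qt, user = [], None, None
    for line in log.splitlines():
        if line.startswith("# User@Host:"):
            user = line.split()[2]
        elif line.startswith("# Query_time:"):
            qt = float(line.split()[2])
        elif qt is not None and not line.startswith(("#", "SET timestamp")):
            if qt > threshold:
                out.append((qt, user, line))
            qt = None
    return out
```

Running the three functions over the samples flags the one source that fails three times within two minutes and the one statement that exceeds the slow threshold, which is the same result the Wazuh rules should produce when you replay such lines in the test phase.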
What You'll Learn
- **MySQL log collection**: Enable and ship error/general/slow logs to Wazuh.
- **Detection engineering**: Create Wazuh rules for failed logins, SQL errors, slow queries.
- **Incident triage**: Read alerts, pivot to users/hosts, and scope issues.
- **Visualization & tuning**: Build dashboards and reduce false positives.
Prerequisites
- 2 Linux VMs (Ubuntu 22.04+ recommended): one **Wazuh Manager**, one **MySQL Server**
- Internet access & sudo privileges on both machines
- Basic familiarity with MySQL and systemd
About Trainer
Rajneesh Gupta
Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.
Related Projects
Apache Server Log Analysis using Splunk
Detecting Brute Force, SQL Injection, XSS, and Suspicious Web Activity from Apache Access Logs with Splunk SIEM
Practical AWS Cloud Security Posture Assessment Using Scout Suite
Identify real-world AWS attack surfaces through visual security posture analysis.
Wazuh + n8n + Anyrun: Automated Malware Analysis
Automate malware analysis by sending Wazuh-detected suspicious files into ANY.RUN, retrieving detailed reports and IOCs, and integrating results back into your SOC workflow.