OpenSOAR v1.0.0 — first public release 🎉
A self-hosted, real-time threat-monitoring dashboard that visualizes your actual
nginx / SSH / fail2ban logs on a world map (not sample data).
Highlights
- 🗺️ Threat Intelligence Map — geolocated attacker IPs animated toward your server
- ⏱️ Time-window selector —
1h / 24h / 7d / 30d / all - 🚨 Per-IP alerts — severity, AI summary, real-log timeline, Investigating/Resolved status (persisted)
- 📦 Per-product (per-vhost) breakdown
- 📈 Daily / weekly / monthly reports + incident-response history
- 🤖 Optional AI summary chat (OpenAI-compatible; Ollama / Azure / vLLM)
- 📧 Email digests of critical alerts
- 🌐 Multi-server log aggregation (read-only forced-command keys)
- 🔐 Optional built-in email-OTP + JWT auth
Stack
Python / FastAPI + Next.js 14 / react-leaflet. SQLite, no extra middleware.