From 29bf68e10d33253dc880c566525f9482e0ed88ff Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Wed, 21 Apr 2021 22:08:36 -0400 Subject: [PATCH] README --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 3d24142..1ad2195 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,7 @@ Recommended System Specifications: | Default | Bare bones + Cockpit | 2 GB+ | 15 GB | | Low-resource services | Default + Bitwarden, Tor, Syncthing | 4 GB | 20 GB | | High-resource services | Default + Jitsi, Nextcloud, Jellyfin, Rocket.Chat, Home Assistant, OnlyOffice | 6 GB+ | 25 GB+ | +| SIEM | Default + Wazuh + Extras | 16 GB+ | 100 GB+ | Starting from base installation ``` @@ -112,6 +113,8 @@ See the [Mistborn Network Security](https://gitlab.com/cyber5k/mistborn/-/wikis/ # Security Information & Event Management (SIEM) +![Mistborn Security Center](https://gitlab.com/cyber5k/public/-/raw/master/graphics/home.mistborn_soc.png) + The Mistborn Security Operations Center provides SIEM services with Wazuh. The Wazuh Manager requires an Open Distro for Elasticsearch backend. When the Mistborn host has >8 GB RAM the provided Elasticsearch backend can be used. Just click "Start Wazuh" on the `Security Center` page and enjoy your Enterprise-grade SIEM. Wazuh agents can be installed on just about any OS and all Wazuh agent traffic is communicated over the Wireguard connections. Instructions for adding endpoint agents can be found within Wazuh itself. ![Mistborn Security Center: Wazuh Modules](https://gitlab.com/cyber5k/public/-/raw/master/graphics/wazuh_modules.png)
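Review bot: In the first hunk (README.md, @@ -83), the new row `| SIEM | Default + Wazuh + Extras | 16 GB+ | 100 GB+ |` recommends 16 GB+ of RAM, while the SIEM section shown as context in the second hunk says the provided Elasticsearch backend can be used when the host has >8 GB RAM. Say which figure is the minimum and which is the recommendation so the two do not read as contradictory. "Extras" is also left undefined, unlike the other rows, which name their services; list what it covers or drop the word.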
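Review bot: In the second hunk (README.md, @@ -112), the added image is loaded from `https://gitlab.com/cyber5k/public/-/raw/master/graphics/home.mistborn_soc.png`, a raw URL on the mutable `master` ref of `cyber5k/public`, so what renders in this README can change or break without any commit to the README itself. Reference the file at a fixed commit or tag, or commit the screenshot next to the README and use a relative path. The existing `wazuh_modules.png` link in the context lines follows the same pattern and could be changed at the same time.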