Full-disk crisis takes down OpenSearch/Wazuh
Log growth silently filled the host volume, crashing the SIEM stack mid-monitoring. Diagnosed root cause, reclaimed storage, and rebuilt retention rules so it can't happen quietly again.
I'm Eoghan — moving from support & web work into networking and infrastructure, with security fundamentals building alongside. Currently working toward CCNA, running a self-built home lab, and documenting every build along the way.
My professional background is in customer and technical support, working hands-on across Shopify and WordPress for small businesses — real client-facing troubleshooting, SQL/database work, and server-side fundamentals. Good grounding, but I wanted to be the person fixing the underlying problem, not just the ticket in front of me.
Outside of work, I run a home server as a self-directed learning project — Wazuh for SIEM, Suricata for intrusion detection, and Grafana/Prometheus/Loki for observability, all containerised with Docker. It's not production experience, but it's real, hands-on practice: I break it, I fix it, and I write up what happened — including the time I filled the disk and took down my own SIEM.
Right now I'm applying for technical support and networking roles, working through CCNA with Security+ up next. I'm keeping my options open between networking and security — both play to the same strengths: understanding how systems actually work, and being the one who fixes the root cause.
Log growth silently filled the host volume, crashing the SIEM stack mid-monitoring. Diagnosed root cause, reclaimed storage, and rebuilt retention rules so it can't happen quietly again.
Stood up Wazuh for log analysis and alerting alongside Suricata for network intrusion detection, all running on Docker via Dockge for stack management.
Full metrics-and-logs pipeline so every other service on the box is actually watchable, not just running blind. Promtail ships logs, Grafana makes them legible.
Centralising identity with Authentik, exposing services securely via Cloudflare Tunnel, and automating the boring parts with n8n.
Python CLI tool storing credentials encrypted at rest in PostgreSQL, decrypting only on lookup. Search by site, username, or entry name, with random password generation built in.
Projects live on a dedicated page so the homepage stays focused. This area is ready for curated GitHub work once there is something worth highlighting.
Core networking: routing, switching, and network fundamentals — the backbone skill set for networking and technical support roles, and the base everything else builds on.
Core security foundation, building directly on the networking base from CCNA.
Analyst-focused follow-on: detection, analysis, and response — the direct line to a Security Analyst / SOC role.
Hands-on with the industry-standard SIEM platform — searches, dashboards, and reporting in the tool most SOC/analyst job postings actually name.
For roles, questions, or networking, use the contact page.