📊 Grafana: http://localhost:3001
Username: admin
Password: sentinelprime
🕸️ Neo4j: http://localhost:7474
Connect: neo4j://localhost:7687
Username: neo4j
Password: sentinelprime
🌐 API Docs: http://localhost:8000/docs
Auth: None needed
# Send test events (all 3 layers)
./scripts/quick-test.sh
# Check system status
./scripts/status.sh
# View logs
docker logs -f sentinel-control-plane
# Run attack simulation
python3 experiments/lateral_movement.py
# Check API health
curl http://localhost:8000/health
# View event stats
curl http://localhost:8000/api/v1/telemetry/stats | jq
Grafana (http://localhost:3001)
- Login with admin/sentinelprime
- Click ⚙️ → Data Sources → Add data source
- Select "Prometheus"
- URL: http://prometheus:9090
- Click "Save & Test"
- Go to + → Create → Dashboard
- Add panel and query: up{job="sentinel-control-plane"}
Neo4j (http://localhost:7474)
- Open browser to http://localhost:7474
- Connect URL: neo4j://localhost:7687
- Username: neo4j, Password: sentinelprime
- Click "Connect"
- Try these queries:
// View everything (I've added sample data!)
MATCH (n)-[r]->(m) RETURN n,r,m LIMIT 50;
// Find high-risk entities
MATCH (n) WHERE n.risk_score > 0.7 RETURN n;
API Docs (http://localhost:8000/docs)
- Already open - no login needed
- Try /api/v1/telemetry/edr - click "Try it out"
- Use this test data:
{
  "source": "edr",
  "event_type": "process_create",
  "entity_id": "host-001",
  "host_id": "host-001",
  "severity": "high",
  "process_name": "suspicious.exe"
}
- Login to Grafana → admin/sentinelprime
- Login to Neo4j → neo4j/sentinelprime
- Send test events → ./scripts/quick-test.sh
- View API → http://localhost:8000/docs
Reason: Elasticsearch needs more Docker memory
Solution: You don't need it! Use Grafana instead:
- Grafana = Dashboards & Visualization ✅
- Neo4j = Attack Graphs ✅
- API = Direct access to data ✅
Keep this file handy for quick reference.
All credentials are in: CREDENTIALS.md