OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System that runs on most Operating Systems. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.
It is simple to install and configure, so I will not provide a step-by-step installation guide but will instead point to resources for getting the installer and the configuration documentation.
Here is their GitHub page:
https://github.com/ossec/ossec-hids
Configuration and agent management can all be found at this link:
https://www.ossec.net/docs/
Some other good resources are this book and this blog:
OSSEC Host-Based Intrusion Detection Guide
By Rory Bray, Daniel Cid, Andrew Hay
Wazuh:
https://documentation.wazuh.com/2.0/user-manual/ruleset/getting-started.html
After successful installation, you can find it under All Programs in the Start menu of your Windows OS.
Sample alert
2018 Aug 09 01:06:22
Received From: ossectest->/var/log/secure
Rule: 5551 fired (level 10) -> "Multiple failed logins in a small period of time."
Portion of the log(s):
Aug 9 01:06:18 ossectest sshd[12330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cago.testlab.com user= gandolf
Aug 9 01:06:20 ossectest sshd[12331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cago.testlab.com user= gandolf
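For triage it helps to split an alert like the one above into fields and count which remote host and user the failures came from. The following is an added example, not code from the original post or from the OSSEC project; the function names parse_alert and failed_login_sources are hypothetical, and it assumes the alert layout is exactly the one shown in the sample.

```python
import re
from collections import Counter

# The sample alert from this page, embedded so the example runs offline.
SAMPLE_ALERT = """\
2018 Aug 09 01:06:22
Received From: ossectest->/var/log/secure
Rule: 5551 fired (level 10) -> "Multiple failed logins in a small period of time."
Portion of the log(s):
Aug 9 01:06:18 ossectest sshd[12330]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cago.testlab.com user= gandolf
Aug 9 01:06:20 ossectest sshd[12331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=cago.testlab.com user= gandolf
"""

RULE_RE = re.compile(r'^Rule: (\d+) fired \(level (\d+)\) -> "(.*)"$')
# pam_unix key=value pairs: values may be empty, and "user=" may be absent.
PAM_RE = re.compile(r"rhost=(\S*)(?:\s+user=\s*(\S*))?")


def parse_alert(text):
    """Split one alert in the layout shown above into named fields."""
    lines = [ln.rstrip() for ln in text.strip().splitlines() if ln.strip()]
    alert = {"timestamp": lines[0], "agent": None, "location": None,
             "rule_id": None, "level": None, "description": None, "logs": []}
    in_logs = False
    for ln in lines[1:]:
        if in_logs:
            alert["logs"].append(ln)  # everything after the marker is raw log
        elif ln.startswith("Received From: "):
            agent, sep, location = ln[len("Received From: "):].partition("->")
            alert.update(agent=agent, location=location if sep else None)
        elif (rule := RULE_RE.match(ln)):
            alert.update(rule_id=int(rule[1]), level=int(rule[2]), description=rule[3])
        elif ln.startswith("Portion of the log(s):"):
            in_logs = True
    return alert


def failed_login_sources(alert):
    """Count (rhost, user) pairs across the pam_unix failure lines of an alert."""
    counts = Counter()
    for ln in alert["logs"]:
        m = PAM_RE.search(ln)
        if m and "authentication failure" in ln:
            counts[(m.group(1) or "-", m.group(2) or "-")] += 1
    return counts


if __name__ == "__main__":
    alert = parse_alert(SAMPLE_ALERT)
    print(alert["rule_id"], alert["level"], dict(failed_login_sources(alert)))
```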