beenuar/AiSOC — reverse-engineered prompt
Reverse engineered prompt
Build me an open-source, self-hosted AI security operations center that I can run locally with Docker and demo data.
I want a web console where a security analyst can see incoming alerts, filter by time and tenant, claim items from an investigation queue, open cases, view related entities, and see a short timeline and recommended next steps. The system should combine noisy alerts into clearer incidents, assign severity and confidence, map activity to MITRE ATT&CK tactics, and support hunts, playbooks, and basic response actions.
The AI investigator should help triage alerts, explain its reasoning in plain English, cite the evidence it used, and save every prompt, response, tool call, and decision in a replayable investigation ledger. Add useful dashboards for detected, triaged, investigated, and resolved work, plus pipeline health so a SOC lead can spot bottlenecks.
Please make it production-minded but easy to run, with sample events, seeded incidents, environment examples, setup scripts, and clear docs. Look up current docs online if you need to.
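As an added illustration of the alert-to-incident pipeline the prompt asks for (this is not code from the AiSOC project): constructed demo alerts are folded into incidents per tenant and host, each incident is scored for severity and confidence and tagged with the ATT&CK tactics it spans, and every decision is appended to a ledger that can be replayed to rebuild the same incidents. The 15-minute window, the scoring rules and the alert fields are assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta
WINDOW = timedelta(minutes=15)  # assumed rule: alerts on the same tenant+host within 15 min belong together
# Constructed demo alerts (not AiSOC's sample data); "tactic" is a MITRE ATT&CK tactic id.
ALERTS = [
    {"id": "a1", "tenant": "acme",   "host": "ws-17", "ts": "2024-05-01T10:00:00", "rule": "brute_force_login",  "tactic": "TA0006"},
    {"id": "a2", "tenant": "acme",   "host": "ws-17", "ts": "2024-05-01T10:04:00", "rule": "brute_force_login",  "tactic": "TA0006"},
    {"id": "a3", "tenant": "acme",   "host": "ws-17", "ts": "2024-05-01T10:09:00", "rule": "new_scheduled_task", "tactic": "TA0003"},
    {"id": "a4", "tenant": "acme",   "host": "db-02", "ts": "2024-05-01T12:00:00", "rule": "brute_force_login",  "tactic": "TA0006"},
    {"id": "a5", "tenant": "globex", "host": "ws-17", "ts": "2024-05-01T10:02:00", "rule": "brute_force_login",  "tactic": "TA0006"},
]

@dataclass
class Incident:
    tenant: str
    host: str
    alerts: list = field(default_factory=list)

    def assess(self) -> dict:
        # Severity rises with distinct ATT&CK tactics (kill-chain progression); confidence with corroborating alerts.
        tactics = sorted({a["tactic"] for a in self.alerts})
        severity = "high" if len(tactics) >= 2 else "medium" if len(self.alerts) >= 2 else "low"
        return {"severity": severity, "confidence": round(min(1.0, 0.4 + 0.2 * len(self.alerts)), 2), "tactics": tactics}

def correlate(alerts: list) -> tuple:
    # Fold alerts into incidents; every decision and the reason for it is appended to the ledger.
    incidents, ledger = [], []
    for a in sorted(alerts, key=lambda x: x["ts"]):
        ts = datetime.fromisoformat(a["ts"])
        inc = next((i for i in incidents if (i.tenant, i.host) == (a["tenant"], a["host"])
                    and ts - datetime.fromisoformat(i.alerts[-1]["ts"]) <= WINDOW), None)
        if inc is None:
            inc = Incident(a["tenant"], a["host"])
            incidents.append(inc)
            ledger.append({"step": "open_incident", "tenant": a["tenant"], "host": a["host"], "why": f"no open incident within {WINDOW}"})
        inc.alerts.append(a)
        ledger.append({"step": "attach_alert", "alert": a["id"], "incident": incidents.index(inc), "why": f"{a['rule']} on same tenant/host"})
    for n, inc in enumerate(incidents):
        ledger.append({"step": "assess", "incident": n, **inc.assess()})
    return incidents, ledger

def replay(ledger: list, alerts_by_id: dict) -> list:
    # Rebuild incident state from the ledger alone; a mismatch with the live run means the ledger is incomplete.
    incidents = []
    for e in ledger:
        if e["step"] == "open_incident":
            incidents.append(Incident(e["tenant"], e["host"]))
        elif e["step"] == "attach_alert":
            incidents[e["incident"]].alerts.append(alerts_by_id[e["alert"]])
    return incidents
```

Note that the globex alert on the same host never joins the acme incident: tenant is part of the correlation key, which is what keeps the tenant filter in the console honest.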