mohilamin/ai-soc-telemetry-triage-platform — reverse-engineered prompt

Reverse engineered prompt

Build me a local SOC telemetry triage platform that feels like a realistic security operations demo, but uses only synthetic data so it is safe to run anywhere. I want it to generate fake security logs from things like identity, endpoint, cloud, email, DNS, firewall, SaaS, and AI app activity, then run detection rules against that data, map alerts to MITRE-style attacker behavior, group related alerts into incidents, score severity and confidence, estimate impact, and create an analyst queue with timelines, evidence, and suggested runbooks.

Please make it easy to inspect what is happening at each step, not just show final alert counts. I want clear outputs like telemetry records, detections, incident records, coverage views, scorecards, and a simple dashboard plus an API for reviewing results locally. Keep it deterministic and explainable, with no paid services, no real private data, and no cloud setup required. If helpful, store results in a local analytics-friendly format so the data can be queried and reviewed. Look up current docs online if you need to.
