SOARLab = Security Onion + Automation + Response Lab including n8n and Velociraptor

The full video includes background and configuration, but the final workflow begins at 25:45: