Tool for Monitoring Linux Servers Logs and Access?

You’re basically asking for a SIEM but with no budget? :smile:

The answer to that is probably down the road you’re already travelling, ELK and co. It’ll take pretty much anything you can throw at it, but the problem that you probably already know is actually doing something with the data.

It doesn’t really do notification ootb though, you can set up triggers and throw them into your alarm system.

check_mk can do some stuff, but elastic is honestly probably more flexible, if you’re happy putting the pieces together yourself.

We’ve been using McAfee for our SIEM stuff so I’ve not really touched much else recently.

On your package question: you want config management in the long run, in my opinion.

I’m sure @AnotherDev probably has some good insights.

4 Likes