LogVM Dedicated Logging Qube with Security Onion

Has anybody tried creating a template or a Qube with a security distro like Security Onion and setting it up as a logging tool? Would this be a security risk?