This project demonstrates SSH authentication log analysis using Splunk SIEM to detect malicious activity such as brute-force attacks, unauthorized access attempts, and suspicious SSH behavior. It simulates real-world SOC analyst workflows, including log ingestion, SPL queries, dashboards, and alerting.
log-analysis splunk cybersecurity siem network-security blue-team threat-detection security-analytics security-monitoring security-operations json-logs incident-detection soc-analyst authentication-security ssh-security brute-force-detection spl-query
-
Updated
Dec 29, 2025