Found 6 repositories (showing 6)
Real-time Windows log monitoring using Splunk.
macosta88
🔍 Monitor SSH logs in real-time, detect brute-force attacks, and visualize geo-attacks to enhance your system's security with this Splunk dashboard.
DenizGoksu
A Python-based security automation tool that monitors system logs in real-time, filters critical threats (Brute Force, Unauthorized Access), and sends instant email alerts integrated with Splunk SIEM.
This SOC-style Splunk lab simulates a real-world Security Operations Centre by centrally collecting, indexing, and analysing logs from multiple operating systems. It includes a Splunk Enterprise Indexer on Ubuntu and Universal Forwarders on Kali Linux and Windows Server, with logs forwarded over TCP (port 9997) for monitoring and validation.
angelgarg7
Analyzing SIEM detection coverage by exploiting vulnerable services and identifying security monitoring gaps. This project simulates cyberattacks using Kali Linux and Metasploit, collects system and network logs, and compares raw attack data with SIEM alerts (Splunk/ELK) to evaluate detection effectiveness.
Muts256
This project focuses on integrating Snort, an open source Intrusion Detection and Prevention System (IDS/IPS), with Splunk, a Security Information and Event Management (SIEM) tool. The integration enables real-time monitoring, alert correlation and threat detection by ingesting logs from the Snort server for analysis and visualisation.