A powerful home-lab focused on setting up Splunk SIEM and real-world use cases. If you’re interested to become SOC Analyst(Tier 1/2) , this lab will help you with SOC tools, rules, queries, apps and integration.

This repository is dedicated to hosting personal comprehensive walkthrough solutions for Splunk's Boss of the SOC (BOTS) CTF-style labs. To be eventually updated with all BOTS events.

Splunk lab with Boss of the SOC data

No description available

This repository guides you in setting up an Active Directory (AD) home lab with Splunk, Kali Linux to simulate real-world cyber threats. Ideal for cybersecurity enthusiasts, SOC analysts, and IT professionals, it provides hands-on experience in threat detection, log analysis, and attack simulation in a safe environment.

This lab captures Wi-Fi traffic using Wireshark, exports it to CSV, and ingests it into Splunk for dashboard analysis. It visualizes device activity, destination IPs, and communication patterns — offering a lightweight SOC simulation using real home traffic logs.

A Splunk-based SOC home lab built to gain hands-on experience with real-world SIEM operations, log ingestion, and troubleshooting. Focused on defensive security using Windows Event Logs and Sysmon telemetry.

🔍 Hands-on Splunk labs for SOC Operations Scenarios

No description available

Cloud Security & SOC portfolio with AWS labs, SIEM monitoring, and threat analysis. AWS | Wazuh | Splunk | Python

Cybersecurity lab using Splunk, VirtualBox, and multiple VMs to simulate real-world SOC environments. This repo includes setup instructions, log forwarding, and troubleshooting to build SOC analyst skills.

End-to-end SOC lab simulating a small enterprise Active Directory environment with centralized SIEM monitoring using Splunk. Designed to demonstrate real-world blue team operations, Windows telemetry collection, and SOC visibility.

This repository contains resources for a SOC Threat Detection and Response Lab, demonstrating threat detection with Splunk and automated response using Ansible. It includes Splunk dashboards, Ansible playbooks, configurations, sample logs, and documentation for setting up and managing security monitoring and incident response.

Splunk SOC Lab

“SOC Lab using Splunk SIEM for threat detection”

No description available

SOC lab project demonstrating brute-force SSH detection using Splunk SIEM with real log ingestion and investigation workflow.

Production-grade SOC lab with Splunk SIEM for threat detection and security monitoring

Comprehensive Splunk training course for SOC analysts featuring 5 hands-on labs covering SIEM operations from basics to advanced visualizations. Master Splunk fundamentals, search queries, alerts, and dashboards through real-world security scenarios. Perfect for SOC analysts and threat hunters seeking practical enterprise skills.

Hands-on SOC lab using Splunk, Sysmon, and Windows event logs for threat detection

SOC lab detecting SSH brute-force attacks using Splunk SIEM

End-to-end SOC detection lab using Windows Event Logs (4688), Sysmon, and Splunk to detect LOLBins mapped to MITRE ATT&CK.

No description available

SOC Analyst roadmap | TryHackMe, CyberDefenders, Splunk, Wireshark labs and writeups

A practical SOC simulation lab with Splunk, Wireshark, and Metasploit.

Splunk SIEM SOC monitoring lab for cyber threat detection, dashboard development, automated alerts, and security incident investigation.

Simulated SMB brute-force attack → Splunk detection engineering → automated case note generation via Splunk REST API + Python.

No description available

No description available

No description available