I recently set up Splunk Enterprise on a Linux host to strengthen my hands-on SIEM skills. I've used it a ton in lab environments and cyber ranges, but I've never actually set the thing up for myself!
Understanding the process of installation and configuration of any SIEM solution and then ingesting logs from various sources is a very important concept for a SOC analyst. In this room, I learned how ...
Objective: Engineer a virtualized SOC environment to simulate, detect, and analyze a Remote Desktop Protocol (RDP) brute-force attack using Splunk and Sysmon. This project ...
This project demonstrates end-to-end log monitoring and detection of failed authentication attempts in a Linux environment using Splunk Enterprise. I built an Ubuntu 22.04 virtual machine inside ...