Security Log Analysis & Threat Detection Project

A hands-on cybersecurity analytics project simulating a Security Operations Center (SOC) workflow — from log ingestion and parsing to alert detection, IOC enrichment, and visualization.


## Objectives

  • Build a SIEM-style pipeline using Splunk and Python to detect brute-force and anomalous login activities.
  • Enrich Indicators of Compromise (IOCs) via VirusTotal API.
  • Analyze network activity using Wireshark and Nmap.
  • Present findings through an interactive Power BI / Splunk Dashboard.
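An added example of the detection step in the first objective (not code from this project): a standard-library Python script that parses constructed sshd-style log lines, raises a brute-force alert when one source IP reaches a failure threshold inside a time window, and raises an anomalous-login alert when that same IP then logs in successfully. The threshold, window and sample lines are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sshd log lines (not from the project's data set).
SAMPLE_LOG = """\
Mar 10 12:00:01 host1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2
Mar 10 12:00:03 host1 sshd[1202]: Failed password for root from 203.0.113.7 port 51236 ssh2
Mar 10 12:00:05 host1 sshd[1203]: Failed password for root from 203.0.113.7 port 51238 ssh2
Mar 10 12:00:07 host1 sshd[1204]: Failed password for root from 203.0.113.7 port 51240 ssh2
Mar 10 12:00:09 host1 sshd[1205]: Failed password for root from 203.0.113.7 port 51242 ssh2
Mar 10 12:00:12 host1 sshd[1206]: Accepted password for root from 203.0.113.7 port 51244 ssh2
Mar 10 12:30:00 host1 sshd[1300]: Failed password for alice from 198.51.100.4 port 40001 ssh2
Mar 10 12:31:00 host1 sshd[1301]: Accepted publickey for alice from 198.51.100.4 port 40002 ssh2
"""

# syslog timestamp, host, sshd[pid], outcome, auth method, optional "invalid user", user, source IP
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)

def parse(lines, year=2024):
    """Yield (timestamp, result, user, ip) for each sshd auth line that matches.
    Syslog lines carry no year, so one is assumed."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["result"], m["user"], m["ip"]

def detect(events, threshold=5, window=timedelta(minutes=5)):
    """Return alerts as (type, ip, user, timestamp) tuples: 'brute_force' when an IP
    reaches `threshold` failures inside `window`, and 'success_after_bruteforce'
    when a flagged IP later authenticates successfully (the higher-priority signal)."""
    failures = defaultdict(list)   # ip -> failure timestamps still inside the window
    flagged = set()
    alerts = []
    for ts, result, user, ip in sorted(events):
        if result == "Failed":
            failures[ip] = [t for t in failures[ip] if ts - t <= window] + [ts]
            if len(failures[ip]) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("brute_force", ip, user, ts))
        elif ip in flagged:
            alerts.append(("success_after_bruteforce", ip, user, ts))
    return alerts

if __name__ == "__main__":
    for alert in detect(parse(SAMPLE_LOG.splitlines())):
        print(alert)
```

The single failed login from 198.51.100.4 followed by a key-based success stays below the threshold and produces no alert, which is the behaviour a SOC analyst wants from a tuned rule.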

## Tools & Technologies

Security Tools: Splunk · Wireshark · Nmap · VirusTotal · CrowdStrike (demo data)
Data & Automation: Python (Pandas, Requests) · Power BI · AWS (CloudWatch, Athena)
Logging Sources: Simulated SSH, Web, and Application Logs
Visualization: Power BI / Splunk Dashboard Studio


## Project Structure

The project