TheCyberMask/ssh-log-analysis-using-splunk
# ssh-log-analysis-using-splunk
A security monitoring project focused on detecting suspicious SSH activity in SSH authentication logs ingested into Splunk.
## Objective
To analyze SSH authentication events in Splunk (used as the SIEM) in order to detect brute-force attempts, failed-login patterns, unauthorized access activity, and overall SSH login behavior. The goal was to build dashboards, run correlation queries, and generate insights that improve security visibility of the monitored system.
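As an added example (not code from this repository), the two detections the objective describes, rapid failed-login bursts per source IP and a success following repeated failures, implemented in Python over a constructed newline-delimited JSON sample in the shape of an `ssh_logs.json` export. The field names `src_ip`, `user` and `result` are assumptions about the dataset, and the comments note the equivalent SPL aggregation.

```python
import json
from collections import Counter, defaultdict
from datetime import datetime, timedelta
# Constructed sample shaped like an ssh_logs.json export (NDJSON); field names are assumptions.
def _ev(sec, ip, user, result):
    ts = (datetime(2024, 1, 10, 8, 0, 0) + timedelta(seconds=sec)).isoformat()
    return json.dumps({"timestamp": ts, "src_ip": ip, "user": user, "result": result})

SAMPLE_LOG = "\n".join(
    [_ev(i * 10, "203.0.113.5", "root", "failed") for i in range(6)]  # 6 failures in 50 s
    + [_ev(70, "203.0.113.5", "root", "success")]                      # then a success
    + [_ev(0, "198.51.100.7", "alice", "failed"), _ev(900, "198.51.100.7", "alice", "failed")]
    + [_ev(30, "192.0.2.10", "bob", "success")]
)

def parse_events(text):
    # One JSON event per line; timestamp string -> datetime for the window math.
    events = [json.loads(l) for l in text.splitlines() if l.strip()]
    for e in events:
        e["timestamp"] = datetime.fromisoformat(e["timestamp"])
    return events

def detect_bruteforce(events, threshold=5, window=timedelta(minutes=5)):
    # SPL `result="failed" | stats count by src_ip` also counts slow trickles; the
    # sliding window flags only IPs with >= threshold failures inside one window.
    times = defaultdict(list)
    for e in events:
        if e["result"] == "failed":
            times[e["src_ip"]].append(e["timestamp"])
    flagged = {}
    for ip, ts in times.items():
        ts.sort()
        start = 0
        for end in range(len(ts)):
            while ts[end] - ts[start] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = max(flagged.get(ip, 0), end - start + 1)
    return flagged

def success_after_failures(events, min_failures=3):
    # IPs that succeeded after >= min_failures earlier failures: triage these first.
    failures, hits = Counter(), set()
    for e in sorted(events, key=lambda e: e["timestamp"]):
        if e["result"] == "failed":
            failures[e["src_ip"]] += 1
        elif failures[e["src_ip"]] >= min_failures:
            hits.add(e["src_ip"])
    return hits
```

On the sample, only 203.0.113.5 is flagged: its six failures fall inside one window and its later success is the event worth investigating, while the two failures from 198.51.100.7 are fifteen minutes apart and stay below the window threshold.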
## Skills Learned
- SIEM log ingestion and index configuration
- Writing SPL (Search Processing Language) queries
- Detecting brute-force attacks using failed-login patterns
- Analyzing authentication events (successful/failed logins)
- Building stats-based insights from SSH logs (source IP analysis)
- Cybersecurity monitoring and incident detection fundamentals
- Understanding SSH authentication patterns and threat indicators
## Tools Used
- Splunk Enterprise (Search & Reporting App)
- SSH log dataset (`ssh_logs.json`)
## REPORT
