Security Log Analysis

This project demonstrates how security event logs can be analyzed to identify suspicious activity and potential threats.

Objectives

  • Analyze security event logs
  • Identify anomalies and suspicious behavior
  • Document investigation findings

Tools Used

  • Microsoft Sentinel
  • KQL queries
  • Security event logs

Investigation Process

  1. Collect log data
  2. Query logs to identify anomalies
  3. Investigate suspicious events
  4. Document findings

Example Investigation

Suspicious login attempts were identified from an unfamiliar IP address outside normal login hours. Queries were used to analyze authentication events and confirm abnormal behavior patterns.
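The following KQL query is an added illustration of the investigation described above; it is not a query from this repository. It assumes the Sentinel workspace ingests the Entra ID SigninLogs table, treats 07:00-19:00 UTC as normal login hours, and builds each account's "familiar" IP set from the 30 days preceding the last 24 hours.

```kql
// Added example: successful sign-ins in the last 24h that came from an IP the
// account has not used in the prior 30 days AND landed outside normal hours.
// Assumptions: SigninLogs table is present; business hours are 07:00-19:00 UTC
// (TimeGenerated is UTC, so adjust for the organisation's local time zone).
let lookback = 30d;          // baseline period for "known" IPs (assumed)
let window   = 1d;           // period under investigation (assumed)
let startHour = 7;           // first normal login hour, UTC (assumed)
let endHour   = 19;          // first hour after normal login hours, UTC (assumed)
// Baseline: the set of source IPs each account signed in from successfully
// during the lookback period, excluding the investigation window itself.
let knownIps =
    SigninLogs
    | where TimeGenerated between (ago(lookback + window) .. ago(window))
    | where ResultType == "0"                     // "0" = successful sign-in
    | summarize KnownIps = make_set(IPAddress) by UserPrincipalName;
// Candidates: successful sign-ins in the window, outside normal hours,
// from an IP absent from that account's baseline (or with no baseline at all).
SigninLogs
| where TimeGenerated > ago(window)
| where ResultType == "0"
| extend Hour = hourofday(TimeGenerated)
| where Hour < startHour or Hour >= endHour
| join kind=leftouter knownIps on UserPrincipalName
| where isnull(KnownIps) or not(set_has_element(KnownIps, IPAddress))
| extend NewAccount = isnull(KnownIps)            // true = no prior history
| project TimeGenerated, UserPrincipalName, IPAddress, Location,
          AppDisplayName, Hour, NewAccount
| order by TimeGenerated desc
```

Each row is a lead, not a verdict: confirm the pattern by pivoting on the same UserPrincipalName and IPAddress across the full window (failed attempts, MFA results, applications accessed) before documenting it as a finding.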

About

Security log analysis project exploring how to investigate suspicious activity using log data. Includes sample security events, KQL queries, and investigation notes demonstrating how patterns and anomalies can be identified in security telemetry.
