Femijay-code/splunk-log-analysis


Splunk Log Analysis Projects

This repository contains hands-on projects focused on log analysis and data visualization using Splunk. These projects simulate real-world use cases of ingesting logs, writing SPL queries, and building meaningful dashboards to extract insights from security-related events.


๐Ÿ“ Projects

Analyzes Apache access logs using Splunk Search Processing Language (SPL). The project covers ingesting raw .log files, identifying HTTP status codes, top requested endpoints, and client IPs using structured queries and visualizations.

Leverages Splunk Dashboard Studio to create interactive visualizations and panels for insights into user login activity, time-based trends, and endpoint behavior, using advanced SPL queries and filters.

Investigates Frothly’s AWS environment logs using Splunk to answer security-focused questions. This project covers analyzing IAM user activity, S3 bucket access incidents, processor details, and endpoint behavior, including detection of cryptocurrency mining and OS edition discrepancies.


๐Ÿ› ๏ธ Tools & Skills

  • Splunk Enterprise / Free
  • SPL (Search Processing Language)
  • Log parsing & field extraction
  • Dashboard Studio
  • Security-focused data interpretation

🚀 Getting Started

Each project folder contains:

  • A brief description
  • Sample log files
  • SPL queries used
  • Dashboards (with screenshots)
  • Observations and findings

Click into each project to explore further.


About

Practical log analysis using Splunk for cybersecurity investigations and monitoring
