This project involved advanced SIEM concepts and practical implementation using Splunk, leading to the Splunk Enterprise Admin Certification.
Project Activities:
- Configured Splunk Enterprise for log correlation.
- Successfully ingested logs from multiple sources into Splunk, including:
  - AWS CloudTrail logs
  - Azure Linux VM logs
  - On-premises Windows security event logs
This project provided hands-on experience in setting up a SIEM solution for centralized logging and monitoring across different environments (cloud and on-premises).