Detect and alert brute-force RDP attacks using Splunk, Windows logs, and a simulated Kali Linux attacker. Home lab project.
Updated Apr 15, 2025
A Windows + Splunk SOC detection lab demonstrating log engineering, detection engineering, alert triage, and incident reporting.
TryHackMe walkthrough focused on Windows event logging, Sysmon, and PowerShell-based investigation.
A defensive Splunk lab built to ingest Windows telemetry, normalize Sysmon events, and validate practical SPL detection use cases.
Windows 11 lab using Sysmon + Splunk to detect encoded PowerShell, HTTP connections, and registry Run-key persistence.