A reproducible lab demonstrating ingest, parsing, detection, and dashboards for pfSense firewall logs and Ubuntu host telemetry using Splunk SIEM monitoring of Kali exploit methods.

MicvhT/splunk_lab

SIEM Lab - pfSense + Ubuntu + Kali + Splunk + Splunk UF

Short description: A reproducible lab demonstrating ingest, parsing, detection, and dashboards for pfSense firewall logs and Ubuntu host telemetry using Splunk.

Quickstart

  • See docs/ for architecture, test plan, and playbooks.
  • Example configs are in configs/.
  • Dashboards and saved searches are in splunk/.
  • Log files, configuration snapshots, and screenshots collected during each test case are in evidence/.

Ultimate Goal

Document the architecture of the SIEM lab used to ingest pfSense firewall logs and Ubuntu host telemetry, run simulated vulnerability scans and penetration tests from Kali against the lab hosts, and evaluate the resulting detections in Splunk through visualized, understandable metrics.
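The parse-and-detect step of that pipeline, as an added example rather than code from this repository: it parses pfSense filterlog syslog lines into fields and flags a source that hits many distinct destination ports in a short window, which is what an nmap sweep from the Kali box looks like on the firewall. It assumes the CSV field layout of the pfSense 2.2+ filterlog message (IPv4 TCP/UDP only), constructed sample lines built by the `_tcp_line` helper, and the thresholds `min_ports=10` / `window_s=60`, all of which are choices made here, not values from the lab.

```python
"""Parse pfSense filterlog lines and flag port-scan-like behaviour.

Constructed example for this README, not the lab's own code. It assumes the
CSV field layout of the pfSense 2.2+ filterlog message and uses hand-written
sample lines; syslog timestamps carry no year, so one is supplied as UTC.
"""
import re
from collections import defaultdict
from datetime import datetime, timezone

# Syslog prefix pfSense emits, e.g. "Jan 15 10:00:01 pfSense filterlog[1234]: <csv>"
SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2})\s+\S+\s+filterlog\[\d+\]:\s+(?P<csv>.*)$"
)


def parse_filterlog(line, year=2024):
    """Return the fields a detection needs, or None for non-filterlog or non-IPv4-TCP/UDP lines."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    f = m.group("csv").split(",")
    # Common header: rule,subrule,anchor,tracker,iface,reason,action,direction,ipver (f[0]..f[8])
    # IPv4 block: tos,ecn,ttl,id,offset,flags,proto-id,proto-text,length,src,dst (f[9]..f[19])
    # TCP/UDP block starts with src-port,dst-port (f[20], f[21])
    if len(f) < 22 or f[8] != "4" or f[16] not in ("tcp", "udp"):
        return None  # IPv6, ICMP and truncated lines use other layouts; skipped here
    ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    return {
        "ts": ts.replace(tzinfo=timezone.utc),
        "iface": f[4],
        "action": f[6],
        "direction": f[7],
        "proto": f[16],
        "src_ip": f[18],
        "dest_ip": f[19],
        "src_port": int(f[20]),
        "dest_port": int(f[21]),
    }


def detect_port_scans(events, min_ports=10, window_s=60):
    """Flag a source that touches >= min_ports distinct destination ports within window_s seconds.

    Only blocked inbound hits count: a scan against closed ports shows up on
    pfSense as a burst of 'block' lines from a single source address.
    """
    by_src = defaultdict(list)
    for e in events:
        if e["action"] == "block" and e["direction"] == "in":
            by_src[e["src_ip"]].append(e)
    alerts = []
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(evs)):  # sliding time window over this source's events
            while (evs[end]["ts"] - evs[start]["ts"]).total_seconds() > window_s:
                start += 1
            ports = {e["dest_port"] for e in evs[start:end + 1]}
            if len(ports) >= min_ports:
                alerts.append({"src_ip": src, "distinct_ports": len(ports),
                               "first": evs[start]["ts"], "last": evs[end]["ts"]})
                break  # one alert per source is enough for the demo
    return alerts


def _tcp_line(ts, src, dst, sport, dport, action="block", direction="in", iface="em1"):
    """Build a constructed IPv4/TCP SYN filterlog line in the 2.2+ layout (sample data, not a capture)."""
    csv = ",".join([
        "5", "", "", "1000000103", iface, "match", action, direction, "4",
        "0x0", "", "64", "12345", "0", "DF", "6", "tcp", "60", src, dst,
        str(sport), str(dport), "0", "S", "1234567890", "", "65535", "", "mss;sackOK;TS;nop;wscale",
    ])
    return f"{ts} pfSense filterlog[48123]: {csv}"


# Constructed sample: two allowed connections from a workstation, then a
# 12-port sweep from the assumed Kali address 10.0.0.50, then an unrelated line.
SAMPLE_LINES = [
    _tcp_line("Jan 15 10:00:00", "10.0.0.20", "10.0.0.1", 51000, 443, action="pass"),
    _tcp_line("Jan 15 10:00:02", "10.0.0.20", "10.0.0.1", 51001, 22, action="pass"),
] + [
    _tcp_line(f"Jan 15 10:00:{5 + i:02d}", "10.0.0.50", "10.0.0.1", 40000 + i, 20 + i)
    for i in range(12)
] + [
    "Jan 15 10:00:30 pfSense sshd[999]: Accepted publickey for admin from 10.0.0.20",
]


def run(lines=SAMPLE_LINES):
    """Parse every line, drop the ones that are not IPv4 TCP/UDP filterlog events, and run the detection."""
    events = [e for e in (parse_filterlog(l) for l in lines) if e]
    return events, detect_port_scans(events)


if __name__ == "__main__":
    parsed, found = run()
    print(f"{len(parsed)} events parsed")
    for a in found:
        print(f"possible port scan from {a['src_ip']}: {a['distinct_ports']} ports, {a['first']} .. {a['last']}")
```

The same logic in Splunk is a `stats dc(dest_port)` by `src_ip` over a one-minute `bucket` of `_time` with a `where` on the count, once the filterlog fields have been extracted at search time; the sourcetype name and field extractions are whatever the lab's configs/ define, and are not assumed here.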

License

This project is licensed under the MIT License. See LICENSE.