Skip to content

Love198714/security-log-analyzer-python

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Security Log Analyzer Python

A beginner-friendly SOC Analyst project that analyzes authentication logs and detects suspicious activity such as brute-force login attempts, failed login spikes, successful logins after multiple failures, and suspicious IP addresses.

SOC Skills Demonstrated

  • Log analysis
  • Brute-force detection
  • Python scripting
  • Incident triage
  • Alert reporting
  • Basic threat hunting

Project Files

  • security_log_analyzer.py - Main Python script
  • sample_logs/auth.log - Sample Linux authentication log
  • reports/alerts_report.txt - Output report created after running the tool
  • requirements.txt - Python requirements

How to Run

python security_log_analyzer.py sample_logs/auth.log

What the Tool Detects

  1. Multiple failed login attempts from the same IP
  2. Successful login after failed attempts
  3. Invalid user login attempts
  4. Suspicious IP activity

Example Output

SECURITY LOG ANALYZER REPORT
Total failed logins: 8
Total successful logins: 2
Suspicious IPs:
192.168.1.50 - 6 failed attempts
10.0.0.25 - 2 failed attempts

Why This Project Matters

SOC Analysts review logs every day to identify suspicious behavior. This project shows that you understand how to collect log data, search for attack patterns, and create a simple incident report.

About

Python SOC Analyst project for detecting brute-force attacks and suspicious authentication logs.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages