SOC-level Windows Security Log Analysis using ELK Stack (Filebeat, Elasticsearch, Kibana) and Python on LANL dataset. Includes log ingestion, chunk processing, forensic analysis, and threat detection.
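The chunked ingestion and detection steps named above, as an added example in Python (not code from the repository described): the field layout follows the public LANL `auth.txt` description (time, source user@domain, destination user@domain, source computer, destination computer, authentication type, logon type, authentication orientation, success/failure); the sample rows and the two thresholds (failed-logon burst, NTLM fan-out to many distinct hosts) are constructed and illustrative, not taken from the dataset or the project.

```python
"""Chunked detection pass over LANL-style authentication events.

Added example, not the repository's own code. The nine-field layout is the
public LANL auth.txt format; rows below are constructed, not dataset rows.
"""
import csv
import io
from collections import defaultdict

# Constructed sample lines in LANL auth.txt layout (not real dataset rows).
SAMPLE_AUTH = """\
1,C625$@DOM1,C625$@DOM1,C625,C625,Negotiate,Service,LogOn,Success
2,U7@DOM1,U7@DOM1,C300,C300,Kerberos,Interactive,LogOn,Success
3,U22@DOM1,U22@DOM1,C477,C477,Kerberos,Interactive,LogOn,Success
4,U22@DOM1,U22@DOM1,C477,C101,NTLM,Network,LogOn,Success
5,U22@DOM1,U22@DOM1,C477,C102,NTLM,Network,LogOn,Success
6,U22@DOM1,U22@DOM1,C477,C103,NTLM,Network,LogOn,Success
7,U22@DOM1,U22@DOM1,C477,C104,NTLM,Network,LogOn,Success
8,U22@DOM1,U22@DOM1,C477,C105,NTLM,Network,LogOn,Success
9,U22@DOM1,U22@DOM1,C477,C106,NTLM,Network,LogOn,Success
10,U66@DOM1,U66@DOM1,C9,C1,NTLM,Network,LogOn,Fail
11,U66@DOM1,U66@DOM1,C9,C1,NTLM,Network,LogOn,Fail
12,U66@DOM1,U66@DOM1,C9,C1,NTLM,Network,LogOn,Fail
13,U66@DOM1,U66@DOM1,C9,C1,NTLM,Network,LogOn,Fail
14,U7@DOM1,U7@DOM1,C300,C300,Kerberos,Interactive,LogOff,Success
"""

FIELDS = ("time", "src_user", "dst_user", "src_host", "dst_host",
          "auth_type", "logon_type", "orientation", "outcome")


def parse_lines(lines):
    """Parse LANL-style CSV lines into dicts; malformed rows are skipped."""
    for row in csv.reader(lines):
        if len(row) != len(FIELDS):
            continue
        yield dict(zip(FIELDS, row))


def iter_chunks(events, chunk_size):
    """Group a (possibly huge) event stream into fixed-size chunks."""
    chunk = []
    for ev in events:
        chunk.append(ev)
        if len(chunk) >= chunk_size:
            yield chunk
            chunk = []
    if chunk:
        yield chunk


def new_stats():
    # Running aggregates survive across chunks; only these stay in memory.
    return {"failures": defaultdict(int),
            "ntlm_dests": defaultdict(set),
            "chunks": 0}


def update_stats(stats, chunk):
    """Fold one chunk into the running per-user counters."""
    stats["chunks"] += 1
    for ev in chunk:
        if ev["orientation"] != "LogOn":
            continue
        if ev["outcome"] == "Fail":
            stats["failures"][ev["src_user"]] += 1
        elif ev["auth_type"] == "NTLM" and ev["src_host"] != ev["dst_host"]:
            # Successful remote NTLM logons: track distinct targets per user.
            stats["ntlm_dests"][ev["src_user"]].add(ev["dst_host"])
    return stats


def detect(stats, fail_threshold=3, fanout_threshold=5):
    """Return (rule, user, count) findings; thresholds are illustrative."""
    findings = []
    for user, n in sorted(stats["failures"].items()):
        if n >= fail_threshold:
            findings.append(("failed_logon_burst", user, n))
    for user, hosts in sorted(stats["ntlm_dests"].items()):
        if len(hosts) >= fanout_threshold:
            findings.append(("ntlm_fanout", user, len(hosts)))
    return findings


def analyze(text, chunk_size=4):
    """Run the chunked pipeline over CSV text; returns (stats, findings)."""
    stats = new_stats()
    for chunk in iter_chunks(parse_lines(io.StringIO(text)), chunk_size):
        update_stats(stats, chunk)
    return stats, detect(stats)


if __name__ == "__main__":
    stats, findings = analyze(SAMPLE_AUTH)
    print(f"processed {stats['chunks']} chunks")
    for finding in findings:
        print(finding)
```

For the real multi-gigabyte file, replace `io.StringIO(text)` with a `gzip.open(path, "rt")` handle; the chunk loop never holds more than `chunk_size` events, and only the per-user aggregates grow. Excluding same-host events and LogOff rows keeps ordinary interactive sessions out of the fan-out counter.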
When I collect the application log (the application log will be cut on the hour, and the last hour's log will be named according to the IP address-timestamp of the application pod), some log lines ...