SSH detection gap remediation — installed rsyslog, enabled ForwardToSyslog on Kali Linux, confirmed auth.log ingestion into Elastic SIEM, and validated end-to-end SSH brute force alerting with 31 alerts fired
Lab 2 for Cyber Threat Intelligence (CTI) — Integration of MISP with Elastic Stack for IoC ingestion, and deployment of Elastic Agents on Linux and Windows endpoints via Fleet Server for centralized log forwarding.
Pure Go RELP forwarder & listener for syslog-ng — drop-in binaries via program() driver, no librelp required
Detection engineering project focused on Sysmon tuning, noise reduction, and integrating endpoint telemetry into Splunk to improve visibility and alert fidelity.
Automated syslog forwarding deployment for mixed Linux environments including legacy RHEL 5/6 systems
Add a description, image, and links to the log-forwarding topic page so that developers can more easily learn about it.
To associate your repository with the log-forwarding topic, visit your repo's landing page and select "manage topics."