Splunk SIEM

SPLUNK SIEM LAB

Company: Flatiron School

  • Installed Splunk appliance on a Linux-based Server VM (custom built Ubuntu Server 20.04 in VirtualBox). Configured Splunk to start automatically upon turning on the VM.
  • Calculated storage requirements, configured indexing, and uploaded data sets to ingest data and custom logs for analysis.
  • Used Nmap to run a manual scan of my personal network and used Splunk's Asset Discovery App to demonstrate how Asset Management might look inside of a SIEM.
  • Designed SIEM use cases for specific scenarios and practiced searching with SPL (Search Processing Language) in order to explain the data and figure out the story behind it. Displayed real incident attack data in an easily readable dashboard to generate various reports.
  • Configured Splunk alerts and installed apps such as the Windows, *nix, and CIM apps to translate and normalize data from different sources.
  • Managed regular backups of progress by taking snapshots before critical updates or configurations.
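The following is an added illustration of one SIEM use case of the kind the lab describes (a failed-login burst from a single source over *nix auth logs), written here as a worked example rather than taken from the lab itself. Because SPL cannot run outside Splunk, the detection logic is reproduced in Python; the equivalent SPL search in the docstring is an assumed, illustrative query, and the auth log lines are constructed sample data in the sshd syslog format, not real events.

```python
"""Worked SIEM use case: detect a burst of failed SSH logins from one source.

Added example, not part of the original lab write-up. A Splunk alert for the
same use case over *nix auth logs might be built on a search like this
(illustrative SPL, assumed):

    index=linux sourcetype=linux_secure "Failed password"
    | stats count AS failures, dc(user) AS users BY src_ip
    | where failures >= 5

The Python below does the same grouping and thresholding, with an explicit
time window so the reader can see what the alert condition actually means.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log lines (sshd syslog format); not real data.
SAMPLE_AUTH_LOG = """\
Mar 10 09:00:01 ubuntu sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Mar 10 09:00:03 ubuntu sshd[1202]: Failed password for root from 203.0.113.5 port 51235 ssh2
Mar 10 09:00:04 ubuntu sshd[1203]: Failed password for invalid user test from 203.0.113.5 port 51236 ssh2
Mar 10 09:00:06 ubuntu sshd[1204]: Failed password for root from 203.0.113.5 port 51237 ssh2
Mar 10 09:00:08 ubuntu sshd[1205]: Failed password for ubuntu from 203.0.113.5 port 51238 ssh2
Mar 10 09:00:09 ubuntu sshd[1206]: Accepted publickey for ubuntu from 192.168.56.1 port 40000 ssh2
Mar 10 09:05:00 ubuntu sshd[1207]: Failed password for ubuntu from 192.168.56.1 port 40001 ssh2
Mar 10 09:20:00 ubuntu sshd[1208]: Failed password for ubuntu from 192.168.56.1 port 40002 ssh2
"""

# Field extraction, the equivalent of a sourcetype's field extractions in Splunk.
FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src_ip>\S+) port \d+"
)


def parse_failed_logins(raw, year=2024):
    """Extract (time, user, src_ip) from every 'Failed password' line.

    Syslog timestamps carry no year, so one is supplied (assumed 2024 here).
    Successful logins and unrelated lines are skipped.
    """
    events = []
    for line in raw.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"time": ts, "user": m["user"], "src_ip": m["src_ip"]})
    return events


def detect_brute_force(events, threshold=5, window=timedelta(minutes=10)):
    """Return {src_ip: summary} for sources with >= threshold failures
    inside any sliding window of the given length (the alert condition)."""
    by_ip = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["time"]):
        by_ip[ev["src_ip"]].append(ev)

    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end]["time"] - evs[start]["time"] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                users = sorted({e["user"] for e in evs[start:end + 1]})
                alerts[ip] = {
                    "failures": count,
                    "users": users,
                    "first": evs[start]["time"],
                    "last": evs[end]["time"],
                }
                break  # one alert per source is enough for this use case
    return alerts


if __name__ == "__main__":
    found = detect_brute_force(parse_failed_logins(SAMPLE_AUTH_LOG))
    for ip, summary in found.items():
        print(f"ALERT {ip}: {summary['failures']} failures, users={summary['users']}, "
              f"{summary['first']:%H:%M:%S}-{summary['last']:%H:%M:%S}")
```

With the sample data, only 203.0.113.5 trips the alert (five failures in seven seconds across four accounts); the two failures from 192.168.56.1 are fifteen minutes apart and stay below the threshold, which is the kind of tuning decision a dashboard or alert definition in the lab would make explicit.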