FTP Log Analysis & Threat Detection Using Splunk

In this project, we demonstrate how Splunk can be used as a Security Information and Event Management (SIEM) tool to monitor FTP server logs, detect suspicious activity, and improve cybersecurity visibility. We analyze log data to identify failed login attempts, detect brute force attacks, and monitor file activity such as uploads, downloads, and deletions. The presentation includes a full walkthrough of our GitHub repository, explanation of our system design, and a live demonstration of Splunk in action. We also showcase our dashboard and automated alert system used to detect potential security threats.