gdanielschillinger/Readme.md

Security Log Analyzer & Automated Auditor

A Python-based security automation engine designed for log ingestion, regex-based telemetry extraction, and automated threat triage. This tool identifies brute-force patterns and generates standardized JSON alerts for security operations.

Milestone: Internal SOC Readiness

The core engine is fully operational. It successfully parses raw server telemetry and identifies High-Risk Indicators of Compromise (IoCs).

SOC Analyst Threat Report

  • Dataset: logs.txt (Synthetic Production Simulation)
  • Total Entries Processed: 5
  • Identified Authentication Failures: 3
  • System Status: HIGH RISK ACTIVITY DETECTED

Threat Vector Summary

Indicator (IP)   Failures   Risk Level   Mitigation Action
10.0.0.50        3          HIGH         Logged to alerts.json for SIEM Ingestion

Technical Architecture

  • Telemetry Extraction: Custom Regex patterns extract ISO-8601 timestamps, status codes, and IP addresses.
  • Automated Triage: Threshold-based logic identifies brute-force attempts (Threshold: 3 failures).
  • Audit Compliance: Standardized JSON export ensures interoperability with modern SIEM/SOAR platforms.
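The three architecture stages above (regex extraction, threshold triage, JSON export) fit in a single short pipeline. The following is an added illustration written for this page, not the project's own code: the line layout of logs.txt is not shown in the README, so the sample telemetry, the `LOG_PATTERN` regex, the treatment of HTTP 401/403 as authentication failures, and the alert field names are all assumptions. The constructed sample mirrors the report above (5 entries, 3 failures from one source), and unparseable lines are skipped rather than aborting the run, which is the failure mode a parser over real server logs has to expect.

```python
import json
import re
from collections import Counter

# Constructed sample telemetry (assumed layout: ISO-8601 timestamp, source IP,
# status code, free-text message). The project's real logs.txt is not on the page.
SAMPLE_LOGS = """\
2024-03-01T08:00:01Z 10.0.0.50 401 Failed password for admin
2024-03-01T08:00:05Z 10.0.0.50 401 Failed password for admin
2024-03-01T08:00:09Z 10.0.0.50 401 Failed password for root
2024-03-01T08:01:00Z 10.0.0.12 200 Accepted password for alice
this line is corrupt and must not crash the parser
2024-03-01T08:02:30Z 10.0.0.13 200 Accepted password for bob
"""

# Named groups for the three fields the README says the engine extracts.
LOG_PATTERN = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:\d{2}))\s+"
    r"(?P<ip>(?:\d{1,3}\.){3}\d{1,3})\s+"
    r"(?P<status>\d{3})\s+"
    r"(?P<msg>.*)$"
)

FAILURE_THRESHOLD = 3            # brute-force threshold stated in the README
FAILURE_STATUSES = {"401", "403"}  # assumption: which codes count as auth failures


def parse_entries(text):
    """Extract timestamp, IP and status from each line; skip lines that do not match."""
    entries = []
    for line in text.splitlines():
        match = LOG_PATTERN.match(line.strip())
        if match is None:
            continue  # corrupt or unrelated line: ignored, not fatal
        entry = match.groupdict()
        # The regex accepts 999.999.999.999; reject octets above 255 here.
        if any(int(octet) > 255 for octet in entry["ip"].split(".")):
            continue
        entries.append(entry)
    return entries


def triage(entries, threshold=FAILURE_THRESHOLD):
    """Count failures per source IP and raise an alert for each IP at or over threshold."""
    failures = Counter(e["ip"] for e in entries if e["status"] in FAILURE_STATUSES)
    alerts = []
    for ip, count in sorted(failures.items()):
        if count < threshold:
            continue
        seen = [e["ts"] for e in entries if e["ip"] == ip and e["status"] in FAILURE_STATUSES]
        alerts.append({
            "indicator": ip,
            "failures": count,
            "risk_level": "HIGH",
            "first_seen": min(seen),   # ISO-8601 strings of one format sort lexically
            "last_seen": max(seen),
            "mitigation": "Logged to alerts.json for SIEM Ingestion",
        })
    return alerts


def run_report(text, threshold=FAILURE_THRESHOLD):
    """Produce the summary figures of the SOC report plus the alert list."""
    entries = parse_entries(text)
    alerts = triage(entries, threshold)
    return {
        "total_entries": len(entries),
        "auth_failures": sum(1 for e in entries if e["status"] in FAILURE_STATUSES),
        "status": "HIGH RISK ACTIVITY DETECTED" if alerts else "NO HIGH-RISK ACTIVITY",
        "alerts": alerts,
    }


def export_alerts(alerts, path="alerts.json"):
    """Write the alert list as a JSON array for downstream SIEM/SOAR ingestion."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(alerts, fh, indent=2)
    return path


if __name__ == "__main__":
    report = run_report(SAMPLE_LOGS)
    export_alerts(report["alerts"])
    print(json.dumps(report, indent=2))
```

Replacing `SAMPLE_LOGS` with the contents of a real file is the only change needed to run it against actual telemetry; the threshold is a parameter so the same triage can be tuned per environment rather than hard-coded at 3.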

Project Roadmap

  • Week 1: Data Ingestion (Regex Parsing & File Handling)
  • Week 2: Automated Auditing (Threshold Triage & JSON Export)
  • Week 3: AGI Integration (LLM-based Threat Summarization)
  • Week 4: Deployment & Portfolio Validation

Popular repositories

  1. gdanielschillinger (Public)
     Python-based security log analysis tool that parses authentication and system logs to identify suspicious patterns such as repeated failed logins and abnormal source behavior. Built to demonstrate …
     Language: JavaScript

  2. enterprise-incident-response-framework (Public)
     Strategic cybersecurity governance repository featuring a hybrid Incident Response Plan (IRP) integrating NIST SP 800-61 Rev. 2 and SANS methodologies. Includes modernized forensic forms, chain of …

  3. SANS_vs_NIST_Strategic_Analysis.md (Public)
     Strategic Analysis: NIST vs. SANS Framework Implementation

  4. daniel-portfolio (Public)
     Portfolio of a security engineer building automation and agentic AI workflows for detection, reporting, and incident response. Focused on Python tooling, governance-aware design, and practical LLM …
     Language: TypeScript

  5. sentient-sync-portfolio (Public)
     AGI Architecture & Cybersecurity Auditor Portfolio
     Language: TypeScript