← All student work
[ DASHBOARDS ]
SOC Dashboard · Grafana + Loki
Capstone dashboard surfacing auth failures, geo-anomalies, and beaconing across the lab estate.
- Grafana
- Observability
// the_work
Wired Loki to ingest authentication and DNS logs, then built a Grafana dashboard with alert rules for impossible-travel logins and unusual outbound DNS.
// artifacts
FROM THE
PROJECT FILES.
auth.log ─┐ sshd ─┼─▶ Promtail ─▶ Loki ─▶ Grafana ─▶ alerts zeek/dns ─┘ └─▶ on-call
sum by (user) (
rate({app="auth"} |~ "Accepted password" [10m])
) > 0
and on(user)
count_over_time({app="auth"} |~ "Accepted password" [10m]) > 1// your_work