
[ DASHBOARDS ]

SOC Dashboard · Grafana + Loki

Capstone dashboard surfacing auth failures, geo-anomalies, and beaconing across the lab estate.

  • Grafana
  • Observability

// the_work

Wired Loki to ingest authentication and DNS logs, then built a Grafana dashboard with alert rules for impossible-travel logins and unusual outbound DNS.

// artifacts

FROM THE PROJECT FILES.

▦ diagram: pipeline
auth.log ─┐
sshd     ─┼─▶ Promtail ─▶ Loki ─▶ Grafana ─▶ alerts
zeek/dns ─┘                            └─▶ on-call
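</> code: logql · impossible travel
# Assumes "user" is already a stream label; no parser stage extracts it here.
# Matches any user with more than one "Accepted password" line in 10 minutes;
# the source location of each login is not compared.
sum by (user) (
  rate({app="auth"} |~ "Accepted password" [10m])
) > 0
and on(user)
  count_over_time({app="auth"} |~ "Accepted password" [10m]) > 1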
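The query above narrows to users with repeated accepted logins; the travel check itself needs the source location and time of each login. The following is an added example, not part of the project files, that computes the implied speed between consecutive logins per user. The log lines, the ISO timestamp format, the `GEO` table standing in for a GeoIP lookup, and the 900 km/h threshold are all assumptions.

```python
import math
import re
from datetime import datetime

# Constructed sshd lines (documentation IP ranges); not from the project.
SAMPLE_LOG = """\
2024-05-01T09:00:00 host1 sshd[811]: Accepted password for alice from 192.0.2.10 port 50122 ssh2
2024-05-01T09:05:00 host2 sshd[902]: Accepted password for alice from 198.51.100.7 port 41870 ssh2
2024-05-01T09:01:00 host1 sshd[815]: Accepted password for bob from 192.0.2.10 port 50300 ssh2
2024-05-01T11:01:00 host1 sshd[830]: Accepted password for bob from 192.0.2.11 port 50411 ssh2
2024-05-01T09:07:00 host1 sshd[840]: Failed password for carol from 203.0.113.9 port 40000 ssh2
"""

# Hypothetical stand-in for a GeoIP lookup: IP -> (lat, lon).
GEO = {
    "192.0.2.10": (51.5074, -0.1278),     # London
    "192.0.2.11": (51.4545, -2.5879),     # Bristol
    "198.51.100.7": (35.6762, 139.6503),  # Tokyo
}

LINE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: Accepted password for (\S+) from (\S+) port")
MAX_KMH = 900.0  # assumed threshold, roughly airliner cruise speed

def haversine_km(a, b):
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def impossible_travel(log_text, geo=GEO, max_kmh=MAX_KMH):
    """Return (user, prev_ip, ip, km, kmh) where consecutive logins imply speed > max_kmh."""
    events = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m and m.group(3) in geo:  # skip IPs with no geo data
            events.append((datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)))
    events.sort()  # Loki streams from several hosts may arrive out of order
    last, alerts = {}, []
    for ts, user, ip in events:
        if user in last and last[user][1] != ip:
            prev_ts, prev_ip = last[user]
            km = haversine_km(geo[prev_ip], geo[ip])
            hours = max((ts - prev_ts).total_seconds(), 1.0) / 3600
            if km / hours > max_kmh:
                alerts.append((user, prev_ip, ip, round(km), round(km / hours)))
        last[user] = (ts, ip)
    return alerts
```

On the sample, only alice's London-to-Tokyo pair five minutes apart is reported; bob's two logins about 170 km and two hours apart stay under the threshold.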
