Most small IT teams collect logs but never actually investigate them. That's exactly what attackers count on.
Over the past several months, I've been building hands-on SOC skills — analyzing Windows Event Logs, running SIEM investigations in Splunk and Wazuh, and reconstructing full attack timelines across ransomware, brute-force, and phishing scenarios.
Here's what I've learned: logs don't lie. Every failed login attempt, every unauthorized account creation, every suspicious process execution leaves a trace. The challenge is knowing where to look and how to connect the dots.
Some things I can help you identify from your logs:
• Brute-force attack patterns and successful compromise indicators
• Unauthorized account creation and credential manipulation
• Suspicious authentication anomalies and privilege escalation attempts
• Attack timelines mapped to MITRE ATT&CK techniques
I deliver structured investigation reports that turn raw log data into clear, actionable findings — so you know exactly what happened and what to do next.
If your team is sitting on unreviewed logs or needs support investigating a security event, I'd love to help.