SIEM Log Investigation | Splunk · Wazuh · MITRE ATT&CK by Aaliya Khalil
Security logs tell the full story of an attack, but only if someone knows how to read them. I analyze Windows Event Logs and SIEM telemetry to reconstruct what happened, identify suspicious activity, and deliver clear, structured incident reports your team can act on.
My work is based on hands-on cybersecurity training and lab environments, where I use SIEM tools such as Splunk and Wazuh to investigate Windows and authentication logs, reconstruct attack behavior, and map findings to MITRE ATT&CK techniques.
I focus on turning raw security logs into clear, structured insights that help teams understand what happened, when it happened, and how it may have occurred.

Core Areas of Focus

Windows Event Log analysis (Security, System, PowerShell)
Splunk & Wazuh SIEM investigations (lab/simulated environments)
Authentication anomalies (failed logins, brute-force patterns)
Suspicious account activity & privilege changes
IOC analysis (IPs, domains, hashes in investigation scenarios)
MITRE ATT&CK technique mapping
SOC-style incident reporting and documentation

Who this service is for

IT teams needing structured log review or investigation support
Security teams reviewing Windows or SIEM alerts
Startups requiring incident documentation or security reporting
Training, academic, or simulation-based cybersecurity environments

Delivery Format

You will receive a structured investigation report including:
Event timeline reconstruction
Key findings and supporting evidence
Relevant log excerpts and observations
MITRE ATT&CK mapping (if applicable)
Basic detection insights and recommendations

Starting at $30
Duration: 4 days
Tags
Splunk
Cybersecurity Specialist
Information Security
Log Analysis
MITRE ATT&CK
Security Operations
Threat Detection
Wazuh
Windows Security
Service provided by
Aaliya Khalil Abu Dhabi - United Arab Emirates