Building a Mini SOC Lab: SSH Authentication Triage Using Journald and Python
One of the main tasks I expect to handle as a SOC analyst is reviewing authentication logs - looking for failed login attempts, picking up on patterns like brute-force or username spraying, and figuring out whether something is just a user mistyping t...
wizard-school.hashnode.dev · 4 min read