SIEM

Project Overview:

Conducted an in-depth analysis project using Splunk to investigate and address unexpected wake events in a Windows environment. The project involved analyzing system logs and power settings to identify the root causes of system activation during low-power modes. Key focuses included optimizing system efficiency and understanding the impact of background processes on power management. This initiative enhanced my expertise in system diagnostics and proactive maintenance.

Key Terms/Technology Used:

  • Splunk data analysis and monitoring.
  • Windows event logs and system diagnostics.
  • Power management and scheduled task configuration.

Methodology:

  • Configured Splunk to monitor and aggregate system logs.
  • Analyzed wake patterns and correlated them with system events and tasks.
  • Investigated power settings and the Task Scheduler to identify potential triggers.
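
The correlation step in the methodology above, sketched in Python as an added example (not the project's own code or Splunk searches). The sample records, task names and 60-second window are constructed assumptions; the event IDs are the standard Windows ones for a wake (Power-Troubleshooter 1) and a scheduled task start (TaskScheduler 107 and 200).

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample records (not from the project), shaped like fields
# extracted from Windows event logs after indexing.
#   Power-Troubleshooter 1  -> system returned from a low-power state
#   TaskScheduler 107 / 200 -> task triggered by schedule / action started
SAMPLE_EVENTS = [
    {"time": "2024-03-04T02:00:03", "source": "Power-Troubleshooter", "id": 1,
     "wake_source": "Timer"},
    {"time": "2024-03-04T02:00:09", "source": "TaskScheduler", "id": 107,
     "task": "\\Example\\NightlyScan"},
    {"time": "2024-03-04T02:00:10", "source": "TaskScheduler", "id": 200,
     "task": "\\Example\\NightlyScan"},
    {"time": "2024-03-04T03:30:00", "source": "Power-Troubleshooter", "id": 1,
     "wake_source": "Device - USB Root Hub"},
    {"time": "2024-03-04T04:00:02", "source": "Power-Troubleshooter", "id": 1,
     "wake_source": "Timer"},
    {"time": "2024-03-04T04:00:05", "source": "TaskScheduler", "id": 107,
     "task": "\\Example\\NightlyScan"},
    {"time": "2024-03-04T09:15:00", "source": "TaskScheduler", "id": 200,
     "task": "\\Example\\Inventory"},  # daytime run, no wake nearby
]

def correlate_wakes(events, window_seconds=60):
    """Pair each wake event with tasks that started within the window after it."""
    window = timedelta(seconds=window_seconds)
    wakes = [e for e in events if e["source"] == "Power-Troubleshooter" and e["id"] == 1]
    tasks = [e for e in events if e["source"] == "TaskScheduler" and e["id"] in (107, 200)]
    results = []
    for w in sorted(wakes, key=lambda e: e["time"]):
        t0 = datetime.fromisoformat(w["time"])
        # A set removes the duplicate when both 107 and 200 fire for one run.
        near = sorted({t["task"] for t in tasks
                       if timedelta(0) <= datetime.fromisoformat(t["time"]) - t0 <= window})
        results.append({"wake_time": w["time"], "wake_source": w["wake_source"],
                        "tasks": near})
    return results

def summarize(results):
    """Count wakes per candidate task; wakes with no task point at devices or power settings."""
    per_task = Counter(t for r in results for t in r["tasks"])
    unexplained = [r["wake_time"] for r in results if not r["tasks"]]
    return per_task, unexplained

if __name__ == "__main__":
    rows = correlate_wakes(SAMPLE_EVENTS)
    for row in rows:
        print(row)
    print(summarize(rows))
```

Wakes that end up in the unexplained list are the ones to follow up through power settings and device wake permissions rather than the Task Scheduler.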

Challenges Faced:

  • Filtering and interpreting large volumes of log data to isolate relevant events.
  • Identifying the specific cause of wake events among various system processes and tasks.
  • Balancing system functionality with power efficiency.

Results:

  • Successfully pinpointed the causes of unplanned wake events.
  • Optimized system settings to enhance power management efficiency.
  • Gained insights into the interplay of system processes and power states, leading to more effective system configuration and management.