
learnwithvidya/ai-security-log-analyzer


AI Security Log Analyzer


AI-assisted SSH authentication log analyzer for detecting suspicious activity in Linux authentication logs.

This tool analyzes uploaded SSH log files and automatically identifies indicators of potential attacks such as brute-force attempts, root access targeting, username enumeration patterns, and suspicious authentication failures.

The system generates a structured incident analysis report, attacker profiling insights, and visual security metrics.


Features

  • Upload Linux SSH authentication logs
  • Detect suspicious authentication patterns
  • Identify brute-force attack attempts
  • Detect root access targeting
  • Analyze username targeting patterns
  • Generate attacker profiling insights
  • Display severity distribution and attack statistics
  • Produce human-readable incident analysis summaries
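The detections listed above can be derived from sshd "Failed password" lines, as this added example shows; it is not the project's own code. The sample log lines, the thresholds (5 failures, 3 distinct invalid usernames) and the name `analyze` are assumptions for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH sshd syslog format.
SAMPLE_LOG = """\
Mar  3 10:15:01 web01 sshd[2101]: Failed password for root from 203.0.113.7 port 50122 ssh2
Mar  3 10:15:03 web01 sshd[2101]: Failed password for root from 203.0.113.7 port 50124 ssh2
Mar  3 10:15:05 web01 sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 50130 ssh2
Mar  3 10:15:07 web01 sshd[2105]: Failed password for invalid user oracle from 203.0.113.7 port 50136 ssh2
Mar  3 10:15:09 web01 sshd[2107]: Failed password for invalid user test from 203.0.113.7 port 50140 ssh2
Mar  3 10:16:30 web01 sshd[2200]: Failed password for alice from 198.51.100.20 port 41000 ssh2
Mar  3 10:16:41 web01 sshd[2200]: Accepted password for alice from 198.51.100.20 port 41000 ssh2
"""

# "invalid user" marks an account name that does not exist on the host.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def analyze(log_text, brute_min=5, enum_min=3):
    """Return {source_ip: {"failures": n, "findings": [...]}}; thresholds are assumed."""
    failures = defaultdict(int)       # failed logins per source IP
    invalid_users = defaultdict(set)  # distinct nonexistent usernames tried per IP
    root_hits = defaultdict(int)      # failed root logins per IP
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue                  # successful logins and other lines are ignored
        ip = m["ip"]
        failures[ip] += 1
        if m["invalid"]:
            invalid_users[ip].add(m["user"])
        elif m["user"] == "root":
            root_hits[ip] += 1
    report = {}
    for ip, count in failures.items():
        findings = []
        if count >= brute_min:
            findings.append("brute_force")
        if root_hits[ip]:
            findings.append("root_targeting")
        if len(invalid_users[ip]) >= enum_min:
            findings.append("username_enumeration")
        report[ip] = {"failures": count, "findings": findings}
    return report

if __name__ == "__main__":
    for ip, info in analyze(SAMPLE_LOG).items():
        print(ip, info)
```

A single failed login followed by a success, as for 198.51.100.20 in the sample, yields no findings; counting per source IP without a time window is a simplification.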

Dashboard Overview

The dashboard provides:

  • Total log statistics
  • Suspicious event counts
  • Risk score estimation
  • Top attacking IP sources
  • Severity distribution chart
  • Attacker intelligence profiling
  • Detailed event inspection table

Project Structure

[Image: project file structure]


Installation

  1. Clone the repository:
  2. Install the required Python libraries:
     • pip install -r requirements.txt
  3. Run the application:
     • python app.py
  4. Open a browser and go to http://127.0.0.1:5000

Dashboard Screenshot

[Screenshot: Dashboard]

Analysis Screenshot

[Screenshot: Analysis]

Future Improvements

Planned enhancements include:

  • Real-time log monitoring
  • Machine learning based anomaly detection
  • SIEM integration
  • Automated incident response suggestions
  • Support for additional log formats (Syslog, Apache, Nginx)
  • Threat intelligence enrichment for IP addresses
