Assessment details

Assessments $3$:

Overview

Assessment tasks

Learning Outcome Mapping

Assessment ID Assessment Item

When due

Weighting

ULO#

CLO# for BITS

$3*$

Project Report

$($Group$)$

Week $12$

$40\%$

$1,4$

A$,$ B$,$ C$,$ D$,$ H$,$ I, J

Project Demonstration

$($Group$)$

Week $13$

$($Study Week$)$

$15\%$

Note: $*$ denotes 'Hurdle Assessment Item' that students must achieve at least $40\%$ in this item to pass the unit.

Introduction

You will install a SIEM server and demonstrate any five $(5)$ tasks. You can use any SIEM server including Splunk, Greylog, ELK, etc. Demonstrate how you install it$,$ configure the rsyslogs and demonstrate the five tasks. An example of the five tasks are below:

$1.$ Searches and Queries

$2.$ Mapping

$3.$ Sending logs to the SIEM and performing log analysis $($searching on logs$)$

$4.$ Demonstrate Reporting

$5.$ Demonstrate Dashboard

Report

This is a group project with $3-4$ students in a group. You will implement an SIEM server and configure clients to send their logs $($e$.$g$.$ rsyslog$)$ to the server and write rules from the logs and determine appropriate actions on the events.

Demonstration

You will complete a project demonstration at the end of the study period and will be assessed both as an individual and as a member