SOC Defense, Automated

BlueSentinel

AI-powered log anomaly detection for security operations. Parses system logs, flags suspicious behavior with ML, writes plain-English incident summaries.

The 5-stage pipeline

01 Parse: Regex-based ingestion of Linux auth + firewall logs
02 Detect: Unsupervised Isolation Forest — no labeled data required
03 Classify: Rule-based severity + IP frequency analysis
04 Summarize: Natural-language incident reports via OpenAI
05 Report: Console alerts + dated alerts_report.txt export
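An added example, not BlueSentinel's own code, of stages 01 and 03 on constructed auth.log lines: the regex parse, the per-source-IP frequency counters (which are also the numeric rows stage 02 would hand to scikit-learn's IsolationForest), and a rule-based severity label. The regex, field names and severity thresholds are this example's assumptions, not the project's.

```python
import re
from collections import defaultdict

# Constructed sshd lines in Linux auth.log format (sample data, not a real capture).
SAMPLE_AUTH_LOG = """\
Mar 10 08:01:12 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 10 08:01:14 host sshd[1201]: Failed password for invalid user oracle from 203.0.113.7 port 51030 ssh2
Mar 10 08:01:16 host sshd[1201]: Failed password for root from 203.0.113.7 port 51041 ssh2
Mar 10 08:01:20 host sshd[1201]: Accepted password for root from 203.0.113.7 port 51055 ssh2
Mar 10 08:05:33 host sshd[1302]: Accepted publickey for alice from 198.51.100.20 port 40011 ssh2
Mar 10 08:06:01 host sshd[1310]: Failed password for alice from 198.51.100.20 port 40020 ssh2
Mar 10 08:06:05 host CRON[1400]: pam_unix(cron:session): session opened for user root by (uid=0)
"""

# Stage 01: regex for sshd Accepted/Failed lines; the optional "invalid user" prefix is captured.
AUTH_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: (?P<result>Accepted|Failed) \w+ for "
    r"(?P<invalid>invalid user )?(?P<user>\S+) from (?P<ip>\d+(?:\.\d+){3}) port \d+"
)

def parse_auth_log(text):
    """Return one dict per matching sshd line; lines the regex does not cover (e.g. CRON) are skipped."""
    return [m.groupdict() for m in map(AUTH_RE.match, text.splitlines()) if m]

def features_by_ip(events):
    """Stage 03 frequency counters per source IP (also the feature rows an Isolation Forest would score)."""
    acc = defaultdict(lambda: {"failed": 0, "accepted": 0, "invalid_users": 0, "users": set()})
    for e in events:
        f = acc[e["ip"]]
        f["failed" if e["result"] == "Failed" else "accepted"] += 1
        f["invalid_users"] += bool(e["invalid"])
        f["users"].add(e["user"])
    return {ip: {"failed": f["failed"], "accepted": f["accepted"], "invalid_users": f["invalid_users"],
                 "distinct_users": len(f["users"])} for ip, f in acc.items()}

def severity(f):
    """Rule-based severity; the thresholds are this example's assumptions, not the project's."""
    if f["failed"] >= 3 and f["accepted"] >= 1:
        return "HIGH"    # burst of failures then a success from the same IP: guessing that worked
    if f["failed"] >= 3 or f["invalid_users"] >= 2:
        return "MEDIUM"  # sustained failures or probing of non-existent accounts
    return "LOW"

def classify(text):
    """Stages 01 + 03 end to end: source IP -> feature counters plus severity label."""
    return {ip: dict(f, severity=severity(f)) for ip, f in features_by_ip(parse_auth_log(text)).items()}
```

On the sample above, 203.0.113.7 is rated HIGH (three failures across three accounts, then an accepted root login) and 198.51.100.20 LOW; the CRON line is ignored by the parser.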

Tech stack

Python 3 · scikit-learn (Isolation Forest) · pandas · numpy · OpenAI API (summaries) · Flask (optional dashboard) · loguru · joblib