https://github.com/cyamos2/login-activity-report

Python script that scans login logs, detects suspicious activity, and generates a summary report.
https://github.com/cyamos2/login-activity-report

automation comptia cybersecurity infosec log-analysis python security-tools

Last synced: 9 months ago
JSON representation

Python script that scans login logs, detects suspicious activity, and generates a summary report.

• Host: GitHub
• URL: https://github.com/cyamos2/login-activity-report
• Owner: Cyamos2
• Created: 2025-05-12T15:09:37.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2025-05-12T15:16:09.000Z (about 1 year ago)
• Last Synced: 2025-05-12T16:31:38.220Z (about 1 year ago)
• Topics: automation, comptia, cybersecurity, infosec, log-analysis, python, security-tools
• Language: Python
• Homepage:
• Size: 5.86 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# 🛡️ Login Activity Report Generator (Python)

This Python script simulates a basic log analysis tool that scans login activity, detects failed attempts, flags known suspicious IP addresses, and generates a simple security report.

---

## ✅ What It Does

- Counts total login attempts  

- Separates successful vs. failed logins  

- Checks for known suspicious IPs  

- Triggers an alert if suspicious activity is detected  

- Prints a clean, readable summary report  

---

## 🧠 How It Works

### Input:

A list of fake log entries (could be adapted for real log files):

```python

logs = [

    "SUCCESS: user1 from 192.168.1.5",

    "FAILED: user2 from 10.0.0.99",

    "FAILED: root from 66.66.66.66",

    ...

]

```

### Logic:

- Uses `for` loops to scan each log line  

- Uses string checks (`"SUCCESS"` or `"FAILED"`) to classify outcomes  

- Cross-checks each log line against a list of known suspicious IPs  

### Output:

Example console output:

```

LOGIN REPORT

----------------

Total attempts: 6

Successful logins: 2

Failed logins: 4

Suspicious IPs detected: 2

⚠️ ALERT TRIGGERED

```

---

## 🔧 Future Enhancements

- Load log data from an external file  

- Save the report as a `.txt` or `.csv`  

- Add timestamps or usernames  

- Use regular expressions for deeper pattern matching  

- Integrate into a larger incident response toolkit  

---

## 🎯 Why This Project?

This tool was built as part of my **CompTIA Security+** and Python practice. It demonstrates:

- Real-world log analysis thinking  

- Secure coding and defensive scripting  

- Automation of repetitive detection tasks  

---

✅ Feel free to fork, clone, or contribute!