This post demonstrates using Splunk field extraction and search queries to track SSH brute-force login attempts, identifying the top attacking usernames and source IP addresses via dashboards.