Akuson Daniel

Fintech Transaction Monitoring & Fraud Detection Using Splunk

In this lab, I simulated a Nigerian fintech and banking platform with 5,000+ realistic transaction events and used Splunk to monitor transactions, detect fraud, and perform business analytics.

N.B. The values used are randomized.

Splunk is widely used in:

  • Security Operations (SOC)
  • Business analytics
  • Fintech monitoring

By completing this lab, I demonstrated:

  • Realistic data ingestion
  • Fraud detection & KPI tracking
  • Executive dashboard creation
  • SPL (Search Processing Language) skills.

DATASET OVERVIEW
I generated 5,000 events covering 10 financial-institution event types:

| Event Type | Description |
| --- | --- |
| PAYMENT_SUCCESS | Payment completed successfully |
| PAYMENT_FAILED | Payment failed |
| LOGIN_SUCCESS | Successful login |
| LOGIN_FAILED | Failed login attempt |
| OTP_SENT | One-time password sent |
| OTP_FAILED | OTP verification failed |
| KYC_SUBMITTED | Know Your Customer submitted |
| KYC_APPROVED | KYC approved |
| KYC_REJECTED | KYC rejected |
| WALLET_FUNDED | Wallet funding |

Fields included:
`user_id`, `event_type`, `amount`, `bank`, `location`, `device`, `channel`, `status`, `timestamp`

Step 1: Generate the Dataset

I used Python and VS Code to generate the dataset. Here’s the script:

```python
import json
import random
from datetime import datetime, timedelta

# The 10 event types in the dataset
events = [
    "PAYMENT_SUCCESS", "PAYMENT_FAILED",
    "LOGIN_SUCCESS", "LOGIN_FAILED",
    "OTP_SENT", "OTP_FAILED",
    "KYC_SUBMITTED", "KYC_APPROVED", "KYC_REJECTED",
    "WALLET_FUNDED",
]

banks = ["GTB", "Access", "Zenith", "UBA", "Kuda", "Opay"]
locations = ["Lagos", "Abuja", "Ibadan", "PH", "Benin"]
devices = ["Android", "iPhone", "Web"]
channels = ["MobileApp", "USSD", "Web"]

start_time = datetime(2025, 1, 1)

# Write one JSON object per line so Splunk treats each line as one event
with open("fintech_5000.json", "w") as f:
    for i in range(5000):
        event = random.choice(events)
        log = {
            "event_type": event,
            "user_id": f"U{random.randint(1000, 4000)}",
            "amount": random.choice([0, 5000, 10000, 20000, 50000]),
            "bank": random.choice(banks),
            "location": random.choice(locations),
            "device": random.choice(devices),
            "channel": random.choice(channels),
            # status follows the event name: *_FAILED events are FAILED
            "status": "FAILED" if "FAILED" in event else "SUCCESS",
            # events are spaced one second apart from the start time
            "timestamp": (start_time + timedelta(seconds=i)).isoformat(),
        }
        f.write(json.dumps(log) + "\n")

print("fintech_5000.json generated successfully")
```

Step 2: I uploaded my randomized values using a Python script in VS Code.

Upload Data to Splunk

  • Go to Splunk Home → Add Data → Upload
  • Select fintech_5000.json
  • Configure:
      • Sourcetype: _json
      • Index: main (or allowed index)
      • Timestamp extraction: timestamp

```
index=main | stats count
```
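One way to express a basic fraud signal over this dataset's fields, as an added example that is not the author's code: it flags any `user_id` with repeated `LOGIN_FAILED` or `OTP_FAILED` events inside a short sliding window. The threshold, the window, the function names and the sample events are assumptions constructed for illustration.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED_AUTH = {"LOGIN_FAILED", "OTP_FAILED"}  # event types from the post's table

def failed_auth_bursts(lines, threshold=3, window=timedelta(minutes=5)):  # assumed defaults
    """Map user_id -> time the user first hit `threshold` failures within `window`."""
    events = []
    for line in lines:
        try:
            e = json.loads(line)
            events.append((datetime.fromisoformat(e["timestamp"]),
                           e["user_id"], e["event_type"]))
        except (ValueError, KeyError, TypeError):
            continue  # skip blank or malformed lines instead of aborting
    events.sort(key=lambda ev: ev[0])  # order by event time, not file position
    recent, alerts = defaultdict(deque), {}  # recent: user_id -> failure times
    for ts, user, event_type in events:
        if event_type not in FAILED_AUTH or user in alerts:
            continue
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:  # expire failures older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts[user] = ts
    return alerts

def sample_line(event_type, user_id, offset_s):
    """Build one constructed event in the post's JSON-lines format."""
    ts = (datetime(2025, 1, 1) + timedelta(seconds=offset_s)).isoformat()
    return json.dumps({"event_type": event_type, "user_id": user_id, "amount": 0,
        "bank": "GTB", "location": "Lagos", "device": "Android", "channel": "MobileApp",
        "status": "FAILED" if "FAILED" in event_type else "SUCCESS", "timestamp": ts})

SAMPLE = [  # constructed data, not taken from the post's dataset
    sample_line("LOGIN_FAILED", "U1001", 0),
    sample_line("OTP_FAILED", "U1001", 60),
    sample_line("LOGIN_SUCCESS", "U2002", 90),
    sample_line("LOGIN_FAILED", "U1001", 120),  # 3rd failure in 2 min: alert
    sample_line("LOGIN_FAILED", "U3003", 0),
    sample_line("LOGIN_FAILED", "U3003", 400),
    sample_line("LOGIN_FAILED", "U3003", 800),  # spread beyond 5 min: no alert
    "not json",                                 # malformed line is skipped
]

if __name__ == "__main__":
    print(failed_auth_bursts(SAMPLE))
```

Because the generator picks users and event types uniformly at random, running this on fintech_5000.json will rarely alert; the constructed sample shows the pattern the rule is meant to catch.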
