Alfandi, Muhammad (2022) Analisa Security Information And Event Management (SIEM) Menggunakan Elastic Stack SIEM Dan SPLUNK. Other thesis, Universitas Islam Riau.
Abstract
Information technology is developing rapidly, and behind these advances there are also threats and attacks that can occur at any time. These attacks and threats can damage systems and leak important data from an agency or company. Information security therefore plays an important role in protecting against the attacks and threats that occur. SIEM (Security Information and Event Management) is one of the methods used in information security to analyze the logs generated by a system. In this research, the SIEMs used are Elastic Stack SIEM and Splunk, which monitor and analyze the logs of attacks that reach the system. The attacks carried out in this research are Fingerprinting, SQL Injection, DoS, and Port Scanning. The test results show that Elastic Stack SIEM and Splunk are able to detect all attacks that reach the web server in real time. After an attack has been detected, Splunk and Elastic Stack SIEM send an e-mail notification about the attack to the administrator.
Item Type: | Thesis (Other)
---|---
Uncontrolled Keywords: | Monitoring, SIEM, Elastic Stack SIEM, Splunk
Subjects: | Q Science > QA Mathematics > QA76 Computer software
Divisions: | > Teknik Informatika
Depositing User: | Mohamad Habib Junaidi
Date Deposited: | 25 Apr 2022 09:22
Last Modified: | 25 Apr 2022 09:22
URI: | http://repository.uir.ac.id/id/eprint/10611