Please use this identifier to cite or link to this item:

http://hdl.handle.net/10609/107506
Title: Centralización y análisis de eventos de seguridad con Graylog
Author: Ruiz Aylagas, Alberto
Director: Rifà Pous, Helena  
Tutor: Canto Rodrigo, Pau del
Keywords: security event management
Graylog
log analysis
Issue Date: Dec-2019
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: Every day enterprises have more ICT systems that generate security events. Analyzing these events with a word processor can be very difficult. In addition, the events of each system must be analysed separately. In this paper we're going to show the utility of using Graylog, a tool to centralize the analysis of security events. In this way, using a single tool we can analyse the events of several systems in a simple way and we can also show the results clearly, being able to show them graphically. To do this we will use this solution in a cloud environment (AWS) and we will perform four use cases. We will analyse SSH, DNS, WAF and firewall events. Finally, we will compare this solution with others available in the market. Specifically, we will do an analysis of Splunk and Elastic. After finishing this work we will have verified how Graylog has allowed us to carry out the use cases easily, obtaining results quickly and clearly. Also, we can configure graphics to have information available at all times.
Language: Spanish
URI: http://hdl.handle.net/10609/107506
Appears in Collections: Bachelor thesis, research projects, etc.

Files in This Item:
File: aruizayTFM1219memoria.pdf
Description: Master's thesis report
Size: 2.05 MB
Format: Adobe PDF

This item is licensed under a Creative Commons License.