Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/90907
Title: Implantació d'un sistema de gestió d'esdeveniments i informació de seguretat per una organització
Author: Cama Hidalgo, Marc
Tutor: Castillo Pedrosa, José Manuel
Keywords: threats; SIEM; logs; computer security
Issue Date: 6-Jan-2019
Publisher: Universitat Oberta de Catalunya (UOC)
Abstract: Given the current paradigm of mass data processing, security incidents whose management grows more complex every time, and the number of assets in an organization, this project proposes integrating a security information and event management (SIEM) platform. The platform chosen for the SIEM project is Elasticsearch-Logstash-Kibana (ELK), an open source solution for log management. Wazuh will be added to this platform: a solution for managing and creating security events, which monitors the activity of a machine and creates events according to their importance so that they can be prevented later. In order to incorporate the events, Logstash Netflow will be added: a collector, normalizer and visualizer of network flows that keeps a history of the traffic and allows a detailed analysis of possible security incidents. The potential result is a platform that gathers all the security tools that might help resolve problems into a centralized system that is easy to control and that makes it possible to visualize security events, perform forensic analysis of incidents, and anticipate possible threats.
Language: Catalan
URI: http://hdl.handle.net/10609/90907
Appears in Collections: Bachelor thesis, research projects, etc.

Files in This Item:
File | Description | Size | Format
mcamaTFG0119memòria.pdf | Final degree project report | 3.29 MB | Adobe PDF

This item is licensed under a Creative Commons License.