Please use this identifier to cite or link to this item:
http://hdl.handle.net/10609/107506
Title: | Centralization and analysis of security events with Graylog |
Author: | Ruiz Aylagas, Alberto |
Director: | Rifà-Pous, Helena |
Tutor: | Canto Rodrigo, Pau del |
Abstract: | Every day enterprises have more ICT systems that generate security events. Analysing these events with a word processor can be very difficult. In addition, the events of each system must be analysed separately. In this paper we're going to show the utility of using Graylog, a tool to centralize the analysis of security events. In this way, using a single tool we can analyse the events of several systems in a simple way and we can also show the results clearly, being able to show them graphically. To do this we will use this solution in a cloud environment (AWS) and we will perform four use cases. We will analyse SSH, DNS, WAF and firewall events. Finally, we will compare this solution with others available in the market. Specifically, we will do an analysis of Splunk and Elastic. After finishing this work we will have verified how Graylog has allowed us to carry out the use cases easily, obtaining results quickly and clearly. Also, we can configure graphics to have information available at every moment. |
Keywords: | security event management; Graylog; log analysis |
Document type: | info:eu-repo/semantics/masterThesis |
Issue Date: | Dec-2019 |
Publication license: | http://creativecommons.org/licenses/by-nc-sa/3.0/es/ |
Appears in Collections: | Final degree projects, research projects, etc. |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
aruizayTFM1219memoria.pdf | Master's thesis report | 2,05 MB | Adobe PDF | View/Open |
This item is licensed under a Creative Commons License