Analysis and Performance Improvement of Log Files on Servers with the ELK Stack
DOI:
https://doi.org/10.12928/jstie.v12i1.28235
Keywords:
Computer Security, Log Analysis, ELK Stack
Abstract
A server computer is a service provider in a network and ensures that all computing activity can be recorded, with log files as the output. Based on observations carried out at a government office in the city of Padang, difficulty in processing log files was identified, and the log analysis process still has many shortcomings. A complete log file management system is therefore needed, such as effective log management to address the problem. The proposed system can evaluate network logs based on functions for log management, log collection, log transformation, and log files. Many tools are currently in use, with a variety of methods, for collecting and analyzing logs to detect malicious activity. The available tools have not implemented the ELK Stack method, which is a combination of Elasticsearch, Logstash, and Kibana. The ELK architecture is attractive to implement because it can build more orderly updates with little effort, and the functionality obtained is more accurate. By applying this log management, an administrator can read logs, improve log file performance, identify problems on the server, and analyze reports more easily.
License and Copyright Agreement
In submitting the manuscript to the journal, the authors certify that:
- They are authorized by their co-authors to enter into these arrangements.
- The work described has not been formally published before, except in the form of an abstract or as part of a published lecture, review, thesis, or overlay journal. Please also carefully read Journal Posting Your Article Policy.
- The work is not under consideration for publication elsewhere.
- The work has been approved by all the author(s) and by the responsible authorities – tacitly or explicitly – of the institutes where the work has been carried out.
- They secure the right to reproduce any material that has already been published or copyrighted elsewhere.
- They agree to the following license and copyright agreement.
Copyright
Authors who publish with Jurnal Sarjana Teknik Informatika agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License (CC BY-SA 4.0) that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.