<![CDATA[This research focuses on developing an anomaly detection application for the internet network infrastructure at the Disaster Recovery Center (DRC) building of the Indonesian Attorney General's Training Agency through Security Information and Event Management (SIEM) implementation utilizing Python programming language. The primary objective of this study is to develop a comprehensive application that assists personnel, particularly network administrators at the DRC facility, in monitoring and analyzing internet network communication patterns and traffic flows. The research methodology involves creating a detection system designed to enhance network security capabilities and provide continuous monitoring functionality for network infrastructure protection. The developed application leverages SIEM technology to aggregate and process security-related information extracted from log data across network devices, applications, and hardware components. SIEM technology demonstrates the capability to handle substantial data volumes while correlating and analyzing security events from multiple heterogeneous sources within the network environment. The implementation of this application provides critical visibility into the internal network operations of the DRC facility, enabling proactive threat detection and response capabilities. When security incidents or anomalous activities are identified, the system generates comprehensive reports detailing network conditions and security status, which are subsequently escalated to management for appropriate remedial actions and strategic decision-making.]]>
Copyrights © 2025
