<![CDATA[Network infrastructure security has become a crucial necessity due to the increasing complexity of cyber attacks such as Distributed Denial of Service (DDoS) and illegal intrusions that are difficult to detect conventionally. This study aims to build a comprehensive log monitoring system using the integration of Wazuh SIEM and Elastic Stack to collect, standardize, and identify threats in real-time within LAN/WAN network environments. The methodology follows the PPDIOO cycle (Prepare, Plan, Design, Implement, Operate, Optimize), which includes stages of agent installation on servers, configuration of detection rules, and testing through direct attack simulations. The results show that the system successfully identified 42 security threats with an accuracy rate of 95%. Furthermore, the system is capable of providing alert responses in less than 5 seconds while maintaining stable server performance with latency below 100ms. These findings prove that SIEM-based monitoring is significantly more efficient than traditional manual monitoring methods in terms of detection speed and data visibility. This integration of open-source solutions is proven reliable for proactively strengthening network defenses. For further development, it is recommended to integrate machine learning technology to automatically predict more complex threat patterns.]]>
Copyrights © 2026
