<![CDATA[This research aims to implement Security Information and Event Management (SIEM) using Wazuh on the Bina Darma University server for real-time network security monitoring. The research uses the action research method with planning, action, observation, and reflection stages. Testing was carried out using three attack scenarios, namely Brute Force, SYN Flood, and SQL Injection, on Windows- and Ubuntu-based virtual machine environments. The research results show that Wazuh succeeded in detecting four attempted brute force attacks, a real-time SQL injection attack, and a SYN flood attack with the help of Suricata. Telegram bot integration successfully sends automatic notifications on brute force attacks. Performance testing showed CPU usage increased from 15% to 60% during the attack, while memory usage remained stable. This research is still limited to a simulation environment with a limited number of endpoints]]>
Copyrights © 2026
