This study implemented an integrated security monitoring system using Wazuh File Integrity Monitoring (FIM), Suricata as a Network Intrusion Detection System (NIDS), and Telegram-based notifications to enhance network security. The research was conducted in a virtual laboratory environment using multiple Windows and Linux endpoints. Wazuh was used to monitor file integrity and system logs, while Suricata analyzed network traffic to detect intrusion attempts. All alerts generated by both systems were centralized in Wazuh and forwarded automatically to administrators through the Telegram Bot API. Several attack simulations were performed, including brute-force login attempts across different operating systems and file modification scenarios. The results showed that Wazuh successfully detected unauthorized file changes in real time, while Suricata effectively identified suspicious network traffic based on predefined rule sets. The integration of Telegram notifications enabled rapid alert delivery, allowing administrators to respond promptly to security incidents. The findings demonstrate that combining host-based monitoring and network-based intrusion detection provides comprehensive visibility into security threats. This integrated approach is suitable for academic environments and can be extended to real-world implementations to improve incident detection and response efficiency.
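The alert-forwarding step described above, as an added sketch that is not the study's own code: it turns a Wazuh alert (FIM or Suricata) into a Telegram Bot API `sendMessage` request. The `MIN_LEVEL` threshold, the function names, the message layout and both sample alerts are assumptions made for illustration.

```python
from urllib import parse, request

TELEGRAM_API = "https://api.telegram.org/bot{token}/sendMessage"
MIN_LEVEL = 7  # assumed threshold: lower-level alerts are not forwarded

def summarize(alert):
    """One-line detail for a FIM (syscheck) or Suricata alert."""
    groups = alert.get("rule", {}).get("groups", [])
    if "syscheck" in groups:
        fim = alert.get("syscheck", {})
        return "FIM: {} {}".format(fim.get("path", "?"), fim.get("event", "?"))
    if "suricata" in groups:
        d = alert.get("data", {})
        sig = d.get("alert", {}).get("signature", "?")
        return "NIDS: {} ({} -> {})".format(
            sig, d.get("src_ip", "?"), d.get("dest_ip", "?"))
    return "Log: " + alert.get("full_log", "")[:200]

def build_request(alert, token, chat_id):
    """Build the sendMessage POST, or return None below MIN_LEVEL."""
    rule = alert.get("rule", {})
    if int(rule.get("level", 0)) < MIN_LEVEL:
        return None
    text = "[level {}] {}\nAgent: {}\n{}".format(
        rule.get("level"), rule.get("description", ""),
        alert.get("agent", {}).get("name", "?"), summarize(alert))
    body = parse.urlencode({"chat_id": chat_id, "text": text}).encode()
    return request.Request(TELEGRAM_API.format(token=token), data=body)

# Constructed sample alerts (not taken from the study's data).
SAMPLE_FIM = {
    "rule": {"level": 7, "description": "Integrity checksum changed.",
             "groups": ["ossec", "syscheck"]},
    "agent": {"name": "linux-endpoint"},
    "syscheck": {"path": "/etc/passwd", "event": "modified"},
}
SAMPLE_NIDS = {
    "rule": {"level": 10, "description": "Suricata alert",
             "groups": ["ids", "suricata"]},
    "agent": {"name": "windows-endpoint"},
    "data": {"src_ip": "198.51.100.23", "dest_ip": "192.0.2.10",
             "alert": {"signature": "Constructed SSH brute-force signature"}},
}

if __name__ == "__main__":
    for sample in (SAMPLE_FIM, SAMPLE_NIDS):
        req = build_request(sample, "TOKEN_PLACEHOLDER", "CHAT_ID_PLACEHOLDER")
        print(parse.parse_qs(req.data.decode())["text"][0], end="\n\n")
        # request.urlopen(req, timeout=10)  # enable with a real bot token
```

The bot token is part of the request URL, so keep it out of logs and version control.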
Copyrights © 2026