Abstract:
With the development and steady growth of several technologies, I.T. security has become
a crucial issue for any business. As the information system is an essential asset of the
company, its security is paramount. This project consists of designing and
implementing a S.I.E.M. (security information and event management) system for B.A.D.R. Bank, a
tool that provides a dashboard for monitoring the collected events, real-time analysis, and
alerts raised from the logs of the organization's network equipment in case of anomalies. The open source
tools E.L.K. and Wazuh are used for this solution.
The system includes agents installed on multiple endpoints to collect logs from the different
sources and send this data in raw format to the processing server for standardization and
parsing.
The logs are indexed, stored, and used by visualization tools to produce graphs and tables
gathered in dashboards; alerts are created when an attempted attack or anomaly in the system
is identified.
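The two stages described above, normalization of raw agent logs into a common event schema and alerting on an anomaly found in those events, are illustrated by the following added example. It is not code from the thesis or from Wazuh/E.L.K. (which implement this with their own decoders and rule engine); it is a small stand-alone Python script that parses constructed syslog-style SSH lines, sorts them by time (agents may deliver out of order), and raises an alert when one source address accumulates a threshold of authentication failures inside a sliding window. The log lines, host names, addresses, the year assumed for the year-less syslog timestamps, and the threshold/window values are all assumptions for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in syslog/OpenSSH style (not captured data); addresses are documentation ranges.
RAW_LOGS = [
    "Mar 10 08:00:01 web01 sshd[2012]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2",
    "Mar 10 08:00:03 web01 sshd[2012]: Failed password for root from 203.0.113.7 port 51023 ssh2",
    "Mar 10 08:00:05 web01 sshd[2012]: Failed password for root from 203.0.113.7 port 51024 ssh2",
    "Mar 10 08:00:06 web01 sshd[2012]: Accepted publickey for deploy from 192.0.2.10 port 40100 ssh2",
    "Mar 10 08:00:08 web01 sshd[2012]: Failed password for root from 203.0.113.7 port 51025 ssh2",
    "Mar 10 08:00:09 web01 sshd[2012]: Failed password for root from 203.0.113.7 port 51026 ssh2",
    "Mar 10 08:05:00 web01 sshd[2012]: Failed password for root from 198.51.100.3 port 6000 ssh2",
    "Mar 10 08:00:10 web01 kernel: [12345.678] eth0: link up",  # delivered late, out of order
]

# Generic syslog envelope: "Mon DD HH:MM:SS host program[pid]: message"
SYSLOG_RE = re.compile(
    r"^(?P<month>\w{3})\s+(?P<day>\d{1,2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<prog>[^\[:]+)(?:\[\d+\])?: (?P<msg>.*)$"
)
# OpenSSH authentication outcome inside the message field
SSH_AUTH_RE = re.compile(
    r"^(?P<outcome>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<src_ip>\S+) port (?P<port>\d+)"
)

ASSUMED_YEAR = 2024  # assumption: syslog timestamps carry no year


def parse_line(line):
    """Normalize one raw line into a flat event dict; None if it is not syslog-shaped."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(
        f"{ASSUMED_YEAR} {m['month']} {int(m['day']):02d} {m['time']}", "%Y %b %d %H:%M:%S"
    )
    event = {"timestamp": ts, "host": m["host"], "program": m["prog"],
             "message": m["msg"], "event_type": "other"}
    if m["prog"] == "sshd":
        a = SSH_AUTH_RE.match(m["msg"])
        if a:  # enrich with the fields the detection stage keys on
            event.update({
                "event_type": "auth_failure" if a["outcome"] == "Failed" else "auth_success",
                "user": a["user"], "src_ip": a["src_ip"], "src_port": int(a["port"]),
            })
    return event


def normalize(lines):
    """Standardization stage: parse every line, drop unparsable ones, order by time."""
    events = [e for e in (parse_line(line) for line in lines) if e is not None]
    events.sort(key=lambda e: e["timestamp"])  # agents may deliver out of order
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Alert once when a source IP reaches `threshold` auth failures within `window`."""
    recent = defaultdict(deque)  # src_ip -> timestamps of failures still inside the window
    alerts = []
    for e in events:
        if e["event_type"] != "auth_failure":
            continue
        q = recent[e["src_ip"]]
        q.append(e["timestamp"])
        while q and e["timestamp"] - q[0] > window:  # slide the window forward
            q.popleft()
        if len(q) == threshold:  # fires exactly when the threshold is crossed
            alerts.append({"rule": "ssh_bruteforce", "src_ip": e["src_ip"], "host": e["host"],
                           "count": len(q), "first": q[0], "last": e["timestamp"]})
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(normalize(RAW_LOGS)):
        print(alert)
```

On the sample input the script raises a single alert for 203.0.113.7 (five failures within eight seconds) and none for 198.51.100.3, which has only one failure. In the thesis architecture the same split applies: the agents ship raw lines, the server's decoders produce the normalized fields, and a frequency rule over those fields produces the alert shown on the dashboard.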
Keywords: Alerts, attack, detection, E.L.K., logs, log management, monitoring, security,
S.I.E.M., supervision, visualization, Wazuh.