Indonesia
Abstract
For a system administrator, one of the main tasks that must be done is to record events (logs) that exist on a server application, as well as on the security side, a system administrator who is responsible for the security of the server. Being a problem that is managed by an administrator of this system consists of several application servers, for example, web servers, mail servers and proxy servers, and what is needed is related to realtime, so that a problem appears can be opened). Splunk and Ossim are solutions that can be used to make it easier to do the server. From the results of assault tests carried out on the web server, Splunk and Ossim can check logs of events in real time, Splunk and Ossim are able to protect the source of the ip address, destination ip address, and events or activities carried out, and can contact those conducted via e - letter. From various types of assault tests conducted, Splunk and Ossim cannot verify some attacks such as XSS, because this attack is a weakness in the web server program.Published
2021-05-04
Issue
Section
Artikel
License
Copyright info for authors
1. Authors hold the copyright in any process, procedure, or article described in the work and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
2. Authors retain publishing rights to re-use all or portion of the work in different work but can not granting third-party requests for reprinting and republishing the work.
3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) as it can lead to productive exchanges, as well as earlier and greater citation of published work.
