Performance Comparison Analysis of the ELK Stack and Grafana Loki Methods on a Honeypot Server
DOI: https://doi.org/10.32736/sisfokom.v10i3.1177
Abstract
As technology develops rapidly, many methods for managing and analyzing a computer's logs have emerged, among them Grafana Loki and the ELK Stack. This growth has produced many variations and left administrators unsure which method suits their needs. This study analyzes the performance of both methods on a honeypot server while it is under attack, using CPU and memory usage as parameters; both parameters are standard considerations for administrators when choosing a method. The conclusion of this study is that, based on the parameters used, Grafana Loki is more efficient in CPU and memory usage than the ELK Stack: Grafana Loki is very lightweight to implement but has limited features, whereas the ELK Stack consumes more CPU and memory resources but offers a more complete feature set.
Keywords: Performance, Honeypot, ELK Stack, Grafana Loki
License
The copyright of an article that is accepted for publication shall be assigned to Jurnal Sisfokom (Sistem Informasi dan Komputer) and LPPM ISB Atma Luhur as the publisher of the journal. Copyright includes the right to reproduce and deliver the article in all forms and media, including reprints, photographs, microfilms, and any other similar reproductions, as well as translations.
Jurnal Sisfokom (Sistem Informasi dan Komputer), LPPM ISB Atma Luhur, and the Editors make every effort to ensure that no wrong or misleading data, opinions or statements be published in the journal. In any way, the contents of the articles and advertisements published in Jurnal Sisfokom (Sistem Informasi dan Komputer) are the sole and exclusive responsibility of their respective authors.
Jurnal Sisfokom (Sistem Informasi dan Komputer) has full publishing rights to the published articles. Authors are allowed to distribute articles that have been published by sharing the link or DOI of the article. Authors are allowed to use their articles for legal purposes deemed necessary without the written permission of the journal with the initial publication notification from the Jurnal Sisfokom (Sistem Informasi dan Komputer).
The Copyright Transfer Form can be downloaded: [Copyright Transfer Form Jurnal Sisfokom (Sistem Informasi dan Komputer)].
This agreement is to be signed by at least one of the authors who have obtained the assent of the co-author(s). After submission of this agreement signed by the corresponding author, changes of authorship or in the order of the authors listed will not be accepted. The copyright form should be signed originally and sent to the Editorial in the form of a scanned document to sisfokom@atmaluhur.ac.id.