I. V. Kotenko, A. A. Kuleshov, I. A. Ushakov, “A system for collecting, storing and processing security information and events based on Elastic Stack tools”, Tr. SPIIRAN, 54 (2017), 5

Trudy SPIIRAN

RUS ENG

JOURNALS PEOPLE ORGANISATIONS CONFERENCES SEMINARS VIDEO LIBRARY PACKAGE AMSBIB

JavaScript is disabled in your browser. Please switch it on to enable full functionality of the website

	General information
	Latest issue
	Archive

	Search papers
	Search references

	RSS
	Latest issue
	Current issues
	Archive issues
	What is RSS

Informatics and Automation:
Year:
Volume:
Issue:
Page:
	Find

Personal entry:
Login:
Password:
	Save password
	Enter
	Forgotten password?
	Register

Trudy SPIIRAN, 2017, Issue 54, Pages 5–34
DOI: https://doi.org/10.15622/sp.54.1 (Mi trspy964)

This article is cited in 5 scientific papers (total in 5 papers)

Information Security

A system for collecting, storing and processing security information and events based on Elastic Stack tools

I. V. Kotenko^a, A. A. Kuleshov^b, I. A. Ushakov^b

^a St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences (SPIIRAS)
^b Federal State Budget-Financed Educational Institution of Higher Education, The Bonch-Bruevich Saint - Petersburg State University of Telecommunications (SPbSUT)

Full-text PDF (1657 kB) Citations (5)

DOI: https://doi.org/10.15622/sp.54.1

Abstract: The paper considers an approach to the design of a system for data and security events collecting, storing and processing based on Elastic Stack tools. The tasks of monitoring and incident management are analyzed; architectural solutions for monitoring systems are studied; requirements to such systems are defined; and the architecture of systems for data and security events collecting, storing and processing is suggested. The developed software prototype of such system is described, and the results of experiments are specified.

Keywords: security information and event management; Big Data; SIEM systems; Elastic Stack; Elasticsearch; Logstash; Kibana.

Funding agency	Grant number
Russian Science Foundation	15-11-30029
This research is supported by RSF (project № 15-11-30029).

Bibliographic databases:

Document Type: Article

UDC: 004.056.53

Language: Russian

Citation: I. V. Kotenko, A. A. Kuleshov, I. A. Ushakov, “A system for collecting, storing and processing security information and events based on Elastic Stack tools”, Tr. SPIIRAN, 54 (2017), 5–34

Citation in format AMSBIB

\Bibitem{KotKulUsh17}

\by I.~V.~Kotenko, A.~A.~Kuleshov, I.~A.~Ushakov

\paper A system for collecting, storing and processing security information and events based on Elastic Stack tools

\jour Tr. SPIIRAN

\yr 2017

\vol 54

\pages 5--34

\mathnet{http://mi.mathnet.ru/trspy964}

\crossref{https://doi.org/10.15622/sp.54.1}

\elib{https://elibrary.ru/item.asp?id=30282018}

Linking options:

https://www.mathnet.ru/eng/trspy964

https://www.mathnet.ru/eng/trspy/v54/p5

This publication is cited in the following 5 articles:

Citing articles in Google Scholar: Russian citations, English citations
Related articles in Google Scholar: Russian articles, English articles

Что такое QR-код?

Registration to the website

Logotypes