IMPLEMENTASI WAZUH SEBAGAI SISTEM MONITORING KEAMANAN SERVER DENGAN ELASTIC STACK DAN NOTIFIKASI TELEGRAM

    Rifki Ahmad Fauzan, - and Devi Aprianti Rimadhani Agustini, - and Muhammad Taufik Dwi Putra, - (2025) IMPLEMENTASI WAZUH SEBAGAI SISTEM MONITORING KEAMANAN SERVER DENGAN ELASTIC STACK DAN NOTIFIKASI TELEGRAM. S1 thesis, Universitas Pendidikan Indonesia.

    Abstract

    Serangan siber yang semakin kompleks menuntut adanya sistem pemantauan keamanan server yang efektif, real-time, dan terintegrasi. Penelitian ini mengimplementasikan Wazuh sebagai sistem monitoring keamanan, diintegrasikan dengan Elastic Stack untuk visualisasi data dan pengolahan data, serta notifikasi Telegram untuk peringatan dini. Infrastruktur terdiri dari tiga server berbasis Ubuntu, yaitu satu server Wazuh Manager dan dua server Wazuh Agent. Pengujian dilakukan terhadap enam jenis serangan: brute force, Distributed Denial of Service (DDoS), SQL Injection, Cross-Site Scripting (XSS), malware, dan file integrity tampering. Metode penelitian menggunakan pendekatan Design and Development (D&D) dalam membangun sistem monitoring keamanan server. Hasil pengujian kedua server menunjukkan bahwa pada konfigurasi IP lokal, sistem berhasil mendeteksi seluruh serangan yang diuji dengan rata rata waktu 2 detik. Sedangkan Wazuh pada IP publik hanya mendeteksi empat jenis serangan dengan waktu rata rata 2,25 detik. Keterbatasan ini disebabkan oleh adanya pembatasan port scanning, filtering, dan perbedaan alur trafik pada jaringan publik yang menghambat perekaman log serangan secara penuh. Pengiriman pesan notifikasi ke Telegram Berhasil terkirim dalam waktu 1 detik dan Elastic Stack dapat menampilkan log dari Wazuh. Kesimpulannya, implementasi Wazuh dengan Elastic Stack dan notifikasi Telegram efektif untuk monitoring keamanan server di lingkungan jaringan internal, namun memerlukan penyesuaian tambahan untuk deteksi pada jaringan publik. ------------ The increasing complexity of cyberattacks requires an effective, real-time, and integrated server security monitoring system. This research implements Wazuh as a security monitoring system, integrated with the Elastic Stack for data visualization, and Telegram notifications for early warning alerts. The infrastructure consists of three Ubuntu-based servers, comprising one Wazuh Manager and two Wazuh Agents. The testing involved six types of attacks: brute force, Distributed Denial of Service (DDoS), SQL Injection, Cross-Site Scripting (XSS), malware, and file integrity tampering. The research method applied in this study adopts the Design and Development (D&D) approach to build a server security monitoring system. The testing results on both servers indicate that, under the local IP configuration, the system was able to detect all simulated attacks with an average detection time of 2 seconds. Meanwhile, when using a public IP configuration, Wazuh successfully detected only four types of attacks, with an average detection time of 2.25 seconds. This limitation is caused by restrictions on port scanning, filtering, and differences in traffic flow on public networks, which hinder the full recording of attack logs. The notification message was successfully sent to Telegram within 1 second, and the Elastic Stack was able to display logs from Wazuh. In conclusion, the implementation of Wazuh with Elastic Stack and Telegram notifications is effective for monitoring server security in an internal network environment, but requires additional adjustments for detection on a public network.

    Baca Full Text klik disini
    [thumbnail of S_TEKOM_2101185_Title.pdf] Text
    S_TEKOM_2101185_Title.pdf
    Download (716kB)
    [thumbnail of S_TEKOM_2101185_Chapter1.pdf] Text
    S_TEKOM_2101185_Chapter1.pdf
    Download (302kB)
    [thumbnail of S_TEKOM_2101185_Chapter2.pdf] Text
    S_TEKOM_2101185_Chapter2.pdf
    Restricted to Staf Perpustakaan
    Download (430kB)
    [thumbnail of S_TEKOM_2101185_Chapter3.pdf] Text
    S_TEKOM_2101185_Chapter3.pdf
    Download (640kB)
    [thumbnail of S_TEKOM_2101185_Chapter4.pdf] Text
    S_TEKOM_2101185_Chapter4.pdf
    Restricted to Staf Perpustakaan
    Download (1MB)
    [thumbnail of S_TEKOM_2101185_Chapter5.pdf] Text
    S_TEKOM_2101185_Chapter5.pdf
    Download (262kB)
    [thumbnail of S_TEKOM_2101185_Appendix.pdf] Text
    S_TEKOM_2101185_Appendix.pdf
    Restricted to Staf Perpustakaan
    Download (10MB)
    Official URL: https://repository.upi.edu/
    Item Type: Thesis (S1)
    Additional Information: https://scholar.google.com/citations?hl=en&user=UOykZowAAAAJ&authuser=1&scilu=&scisig=ACUpqDcAAAAAaLgBxTG2qTK2u3acKOHZTPGkWNg&gmla=AH8HC4yYyLuEhecwqoZO64b2qXepjNdKamFDHPcZq58zqhshCH9_8B_gjbf1E1Fp5eTwegWbUq_7bfcvejdzJTYiwRnf25fZlKDgw6E&sciund=12480481218512807802 ID Sinta Dosen Pembimbing: Devi Aprianti Rimadhani Agustini: 6745751 Muhammad Taufik Dwi Putra: 6745726
    Uncontrolled Keywords: Wazuh, Elastic Stack, Keamanan Server, Telegram, Server Security
    Subjects: L Education > L Education (General)
    Q Science > QA Mathematics > QA75 Electronic computers. Computer science
    Q Science > QA Mathematics > QA76 Computer software
    T Technology > T Technology (General)
    Divisions: UPI Kampus cibiru > S1 Teknik Komputer
    Depositing User: Rifki Ahmad Fauzan
    Date Deposited: 18 Sep 2025 06:51
    Last Modified: 18 Sep 2025 06:51
    URI: http://repository.upi.edu/id/eprint/137563

    Actions (login required)

    View Item View Item