Förstudie till införandet av centralt loggsystem hos Försvarsmakten
Karlstad University, Faculty of Economic Sciences, Communication and IT.
2011 (Swedish). Independent thesis, advanced level (degree of Master (Two Years)), 30 credits / 45 HE credits. Student thesis.
Alternative title
Prestudy for the Introduction of a Central Logging System for the Swedish Armed Forces (English)
Abstract [en]

Modern IT systems tend to become more and more complex, while the number of active systems in companies increases. Furthermore, the number of security-related incidents is at an all-time high. These new conditions impose new demands on organisations. For example, it is no longer possible to manually collect and examine the systems' log messages.

The purpose of this thesis has been to make a comprehensive study of solutions for the automated collection and management of log messages, to analyse the Swedish Armed Forces' specification for solutions for central log collection and management, and to evaluate existing solutions. The work consisted primarily of literature studies and evaluations of two products selected by the Swedish Armed Forces: NetIQ Security Manager and Splunk. The conclusion was that neither of the two products met the non-optional requirements posed by the specification. I personally think that the Swedish Armed Forces' requirements specification for central log management is far too strict and should hence be revised. A number of requirements in the current specification can be removed. Other requirements should be reformulated and/or re-evaluated.

Abstract [sv] (translated from Swedish)

Modern IT systems tend to become more and more complex, while the number of active systems in a company increases. Furthermore, the number of security-related incidents is higher than ever. These new circumstances place new demands on organisations. For example, it is no longer possible to manually collect and review the systems' log messages.

The intention of this thesis has been to make an overall review of solutions for the automatic collection and analysis of log messages, to analyse the requirements that Försvarsmakten (the Swedish Armed Forces) places on solutions for central log management, and to evaluate existing solutions. The work consisted mainly of literature studies and evaluations of two products selected by Försvarsmakten: NetIQ Security Manager and Splunk. The conclusion was that neither of the two products fulfils all of Försvarsmakten's requirements for central log management. Personally, I consider Försvarsmakten's requirements specification for central log management to be too strict, and it should be reworked. A number of requirements in the current specification can advantageously be removed. Other requirements should be reformulated and/or re-evaluated.

Place, publisher, year, edition, pages
2011, 349 p.
Keyword [en]
SIEM, Syslog, EVT, EVTX, IDXP, Splunk, NetIQ Security Manager
National Category
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-7885
OAI: oai:DiVA.org:kau-7885
DiVA: diva2:428427
Subject / course
Computer Science
Presentation
2011-06-10, 21D 313, Karlstads universitet, Universitetsgatan 2, Karlstad, 13:15 (Swedish)
Uppsok
Technology
Available from: 2011-07-05. Created: 2011-06-30. Last updated: 2011-07-05. Bibliographically approved.

Open Access in DiVA

fulltext (6017 kB), 1606 downloads
File information
File name: FULLTEXT01.pdf
File size: 6017 kB
Checksum (SHA-512): c2b96bc4144f6656d1f54a8fb4012941aae36bd229f0aabfe2fd1e65e190c10d1b42d9edc286d299378945d7db10e6e52c8815280cd5078ce3fa3c4bab7274b4
Type: fulltext
Mimetype: application/pdf

Author/editor
Hellqvist, Olof
Organisation
Faculty of Economic Sciences, Communication and IT
Computer Science
