Implementation of Intrusion Detection System Using Snort and Log Visualization Using ELK Stack
Fatih Dien Robbani · Rosdiana Rosdiana · Ary Kurniawan · Tri Agus Riyadi · Emy Haryatmi · Riza Adrianti Supono
Cyber threats like malware, ransomware, and DDoS attacks demand fast and integrated detection systems. Traditional network monitoring tools often struggle to identify complex real-time attack patterns. This study evaluates the integration of Snort, an Intrusion Detection System (IDS), with the ELK Stack (Elasticsearch, Logstash, Kibana) to detect and visualize cyberattacks effectively. The system was tested against three attack scenarios: a Windows ping flood, port scanning using Zenmap, and SSH
