International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056 | p-ISSN: 2395-0072 | Volume: 11 Issue: 05 | May 2024 | www.irjet.net

PROACTIVE SECURITY MONITORING IN THE CLOUD: BUILDING EFFICIENT PIPELINES WITH CRIBL AND SPLUNK ON AWS INFRASTRUCTURE

Karthik Jataprole
Workday Inc., USA

ABSTRACT

Real-time security monitoring and alerting are crucial for protecting cloud environments from cyber threats. As organizations increasingly adopt Amazon Web Services (AWS), building effective monitoring pipelines becomes essential [1]. This article explores the integration of Cribl and Splunk to create robust real-time security monitoring solutions in AWS. It discusses the challenges of threat detection in the cloud [2], provides an overview of Cribl and Splunk [3, 4], and examines the architecture of real-time monitoring pipelines [5]. Techniques for data ingestion, transformation, and enrichment using AWS services and Splunk are explored [6, 7], along with real-time alerting configuration [8] and integration with AWS security services [9]. The article addresses performance optimization, scalability [10], and includes case studies demonstrating effective security monitoring practices [11]. It concludes by discussing future trends in real-time security monitoring, considering technological advancements, evolving threat landscapes, and regulatory requirements [12].

Keywords: Real-time security monitoring, AWS environment, Cribl and Splunk integration, Data ingestion and transformation, Compliance and regulatory requirements

INTRODUCTION

In today's rapidly evolving cloud landscape, real-time security monitoring and alerting have become paramount for organizations seeking to protect their critical assets and data from ever-increasing cyber threats [1]. As more enterprises migrate their infrastructure to Amazon Web Services (AWS), the need for effective monitoring solutions that can detect and respond to security incidents promptly has never been greater [3]. However, building comprehensive monitoring pipelines can be challenging, requiring the integration of multiple tools and services to ensure seamless data ingestion, transformation, analysis, and alerting. This article explores the powerful combination of Cribl and Splunk, two leading

© 2024, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 393

