Network Security Log Analysis System Based on ELK
Abstract
As cyberspace security problems become increasingly prominent, the management and analysis of network security logs is a very important means of defense in the security field. Addressing the practical problems of network security log management and analysis systems, and taking the log management and analysis system as the main object of research, this paper considers the problems of existing log systems and the current state of research on log analysis algorithms, and designs an ELK-based network security log management and analysis system for managing and analyzing large volumes of logs. The results show that the proposed method enhances the system's crawling and analysis functions, especially its log retrieval ability, and, combined with big data storage technology, improves the performance of the whole system.
Keywords
ELK, Network security log, PCA, One-class SVM, Log management analysis
DOI
10.12783/dtcse/cece2017/14597