| In recent years, with the rapid development of Internet technology, abundant network resources and intelligent terminals have been gradually changing people's lives. The campus network involves all departments of the school. It not only provides a good environment for teaching, scientific research and management, but also serves as part of the infrastructure of the whole school and as an important basis for the realization of campus informatization. Only when the campus network environment is stable, safe and reliable can teachers and students work and study safely in it and make full use of the learning resources in the school; such an environment is also conducive to the management, maintenance and expansion of related equipment. However, the large number of server devices and various kinds of servers generate a large number of logs during system operation, which puts great pressure on the monitoring staff, while system status, fault location and security issues all need to be addressed through the management and analysis of security logs. Traditional decentralized processing methods are far from meeting current needs, so it is particularly important to build a log system that can collect, analyze and store logs centrally and display them visually. This paper is based on the analysis of log data from network equipment in a university. It analyzes and summarizes in detail the common log analysis tasks in the campus network and the problems faced in the analysis and management of security logs. It mainly studies a centralized log analysis platform based on Elastic Stack. The platform consists of four modules: a log data collection module, a log data analysis module, a log data storage module and a log data display module. According to the overall functional requirements and the actual business process, the four functional modules are analyzed and designed in detail, and the functions of each module are successfully implemented. The four main functional modules of the platform cooperate with each other to collect, analyze, store and display various security logs. Finally, the log sub-platform is tested. The results show that the modules are coordinated and unified. The search of log information and the visualization of real-time data are realized, and the log processing ability and fault response ability of the campus network are improved. |