System Architecture
| Service | Explanation |
|---|---|
| Snort | In this version of Mata Elang, the sensor uses Snort™ as the core IDS engine. |
| Mosquitto | In the process of Kafka, the data will be received and processed by the MQTT server. In MQTT the data will be processed by coding and simplification using Kafka Avro. Then it will be connected to the confluent so that the data is ready to proceed to spark via Apache Kafka. |
| Kafka | The data collection process is a continuation stage after the sensor receives data attacks that occur on a network. In conducting data collection, the system uses Apache Kafka. Kafka here is a bridge between the sensor and spark as the primary data processors. |
| Spark | Data processing in the Mata Elang system uses Apache Spark. The Apache Spark feature used in data processing is a streaming feature that can record and process data in live time. In streaming processing, Spark will stream brokers to Kafka. |
| Hadoop | Hadoop Distributed File System is used in Mata Elang. A large amount of data received from Spark that does not fit in the storage of one server is divided into several servers and managed. |
| OpenSearch | A system for displaying the data stored in kafka |