One of the most important events you should be monitoring on your network is failed and successful logon events. What comes to most people’s minds when they think of authentication auditing is OS level login events, but you should be logging all authentication events regardless of application or platform. Not only should we monitor these events across our network, but we should also normalize this data so that we can correlate events between these platforms.

Parsers make it easier to dig deep into your data to get every byte of useful information you need to support the business. They tell Graylog how to decode the log messages that come in from a source, which is anything in your infrastructure that generates log messages (e.g., a router, switch, web firewall, security device, Linux server, windows server, an application, telephone system and so on).

Even before the push to the cloud, your company was a Microsoft shop. From workstations to servers, you’ve invested heavily in the Microsoft ecosystem because it gave your business all the technologies necessary for success. As part of your organization’s digital transformation strategy, Azure offered the easiest onboarding experience.

Organizations collect technologies like kids collecting baseball cards. As a company’s IT strategy matures, it adds new technologies to supplement previously existing ones, just like kids add new rookie cards to their collections of classics. While kids can leave their baseball cards randomly piled in a shoebox, organizations need to carefully identify and track their IT assets so that they can appropriately manage digital performance and cybersecurity.