Operations | Monitoring | ITSM | DevOps | Cloud

Latest Posts

How Big Data and Log management work hand in hand

As Stephen Marsland once said, “if data had mass, the earth would be a black hole.” A vast part of the immense amount of structured and unstructured data that we call “Big Data” is nothing but machine-originated log data. Logs are generated for a lot of different purposes – from security to debugging and troubleshooting. They constitute a gold mine of useful information and actionable insights if properly stored, managed, and analyzed.

3 Steps to Structuring Logs Effectively

In order to analyze logs efficiently, they must be structured effectively. Often, logs from different sources label data fields differently and/or provide data that’s completely unstructured. The problem is that both types of data need to be structured appropriately in order to key in on particular elements within the log data, such as: Monitoring on source address, Applying rules associated with user names, and Creating alerts for destination addresses.

An Introduction to Graylog Aggregation Charts

It’s Sunday afternoon, and you’re having a nice relaxing weekend, sitting down watching your favorite sporting event. While enjoying the game, you get a high alert email on your phone, noting something’s going on and you need to jump into action. What do you do in these high stress times? Every second counts, and everyone is waiting on you to tell them what’s happening.

What Are the Benefits of Monitoring Event Logs?

If you maintain a regular practice of keeping log data, you probably have an established way of observing event logs in real time or you do it by using batch processing. There are two ways you can monitor event logs: manually and automatically. By monitoring event logs, you can gain deeper insight into system metrics, localize process bottlenecks, and detect security vulnerabilities. What are some other advantages of event log monitoring, and how can you get the most out of it?

Announcing Graylog v3.0 Release Candidate 1

Today we are releasing the first release candidate of Graylog v3.0. This release brings a whole new content pack system, an overhauled collector sidecar, reporting capabilities, improved alerting with greater flexibility, a new script alert notification plugin, support for Elasticsearch 6.x, a preview version of an awesome new search page called Views, and tons of other improvements and bug fixes.

Next-Level Threat Hunting: Shift Your SIEM from Reactive to Proactive

Threat hunting is proactively identifying and thwarting unusual network activity that could indicate an attempted security breach. It's a historically manual activity, making it time-intensive and arduous. It’s no wonder, then, why most organizations don’t have the time, budget, or resources to undertake it effectively…if at all.