So, you’ve done your homework, you’ve clearly defined business requirements, and you’ve decided to implement a SIEM solution into your organization. However, before you set out on this adventure there are a quite a few questions to consider.

We are happy to announce that Graylog v2.5 is now available. This release includes several new features, including support for Elasticsearch 6.x, along with numerous bug fixes.

Investing in a log analysis tool provides many benefits: it saves time needed to detect and troubleshoot a problem, reduces churn by providing a better user experience, and improves system security. There is a wide scope of use cases for log analysis - from tackling security and performance issues head-on to enhancing the quality of your services. What are some of the most common use cases for log file analysis?

In the digital era, we need to track and record all of our data at all times. From a user logging into the dashboard to database queries, JavaScript errors, and website traffic, everything that matters is recorded in a log. You name it, and with due probability, you already have time-stamped documentation of all the events saved somewhere in the form of a log.

With so many choices available to us today, choosing log management software that’s just right for us has never been simpler. That is, if you know exactly what it is you are looking for. But for many users, the sheer amount of computer programs that perform the same tasks, and seem so similar(sometimes almost identical) to each other, can quickly become off-putting and confusing.

Most organizations use their SIEM solution to automate repetitive security tasks, saving analysts time. But the reality is your system could be doing—and saving—so much more by blocking the obvious threat actors attempting to connect with your network, systems, and assets.

Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects...

Ever since humankind developed the ability to write, much of our progress has been made thanks to recording and using data. In ages long past, notes were made on the production and gathering of resources, the exact number of available soldiers and other important personnel, and were compiled and stored by hand. Because of this documentation method, important information was also prone to being misplaced, lost, or even mishandled.

Servers take a lot of requests daily, we know that…We also know that the server responds instantly. But who makes the request? What do they want, and what exactly are they looking for? Where do these visitors come from? How often they are making a request: once a month, once a day, almost every minute? Well, answers to these, and potentially a lot more questions, can be found in a single place - the server log file.

Companies are generating massive amounts of data every minute. It’s impossible, unrealistic, and cost-prohibitive for analysts to spot every threat. That’s why even though breaches are in decline year over year, the first quarter of 2018 saw 686 breaches that exposed 1.4 billion records through hacking, skimming, inadvertent Internet disclosure, phishing, and malware.