Here at Graylog, we have recently had an increase in conversations with security teams from leading companies. We want to share our key findings with the Graylog community. The good thing is that cybercriminals use a methodical approach when planning an attack. By understanding their process and knowing your network, you will be better prepared and able to stay one step ahead.

As all Papertrail fans know, sending logs to Papertrail using syslog is quick and easy. Generating and transmitting syslog packets usually involves just 2 – 4 lines of code, and you can see your logs flowing into Papertrail in minutes. There are times, however, when you just can’t use syslog or install a remote_syslog2 daemon. This is where the new support for sending logs via HTTP comes in. And the best news is, it’s just as quick and easy to set up.

Isn’t all logging pretty much the same? Logs appear by default, like magic, without any further intervention by teams other than simply starting a system… right? While logging may seem like simple magic, there’s a lot to consider. Logs don’t just automatically appear for all levels of your architecture, and any logs that do automatically appear probably don’t have all of the details that you need to successfully understand what a system is doing.

In this tutorial, we will be using Heroku to deploy our Node.js application through CircleCI using Docker. We will set up Heroku Continuous Integration and Deployment (CI/CD) pipelines using Git as a single source of truth. Containerization allows developers to create and deploy applications faster with a wide range of other benefits like increased security, efficiency, agility to integrate with DevOps pipelines, portability, and scalability.

We’re excited to announce the first version release of our new dashboard framework: Dashboard (New). Built on top of a scalable, flexible, and extensible charting system, the new dashboards provide customers with deep control over their visuals, enable metadata rich workflows, and create dashboards in a dashboard first GUI.

There are two ways you can view the current mappings on your Logit ELK Stacks. One way is to use dev tools in Kibana. You can access Kibana from any of your dashboards by choosing from your dashboard Stack settings > Access Kibana. You can also search for a specific mapping of an Index name. For example if we wanted to see the mappings for the a Filebeat index name we can run the following to return only the desired mappings.

Amazon Elastic Kubernetes Service (Amazon EKS) is the fully managed Kubernetes service on AWS. If you’re using it and wondering how to query all your logs in one place, Loki is the answer. With this tutorial, you’ll learn how to set up Promtail on EKS to get full visibility into your cluster logs while using Grafana. We’ll start by forwarding pods logs then nodes services and finally Kubernetes events.

Imagine it’s 3 AM, you’ve just been paged for a critical issue- queues filling up quickly, and you don’t know why. You turn to logs, looking for something abnormal, a change that could explain what is happening so you can fix it. Sound familiar? Unfortunately, searching through logs to uncover changes is a time-consuming process.

OneLogin is one of the top leading Unified Access Management platforms, enabling organizations to manage and Access their cloud applications in a secure way. OneLogin makes it simpler and safer for organizations to access the apps and data they need anytime, everywhere. This post will show you how Coralogix can provide analytics and insights for your OneLogin log data – including performance and security insights.