In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.

All engineering teams strive to build the best product they can as quickly as possible. Some, though, stumble into a false dichotomy of choosing between speed and quality. While that choice may have been necessary in the past, it’s not the case today. What I’d like to do in this article is explain why.

In this four-part series, Combating threats with UEBA, we explore hypothetical cyberattacks inspired by real-life events in four different industries: healthcare, finance, manufacturing, and education. We’ll take a look at unforeseen security attack scenarios, and discover how user and entity behavior analytics (UEBA) can be leveraged to safeguard organizations.

Multi-line logs such as stack traces give you lots of very valuable information for debugging and troubleshooting application problems. But, as anyone who has tried knows, it can be a challenge to collect stack traces and other multi-line logs so that you can easily parse, search, and use them to identify problems. This is because, without proper configuration, log management services and tools do not treat multi-line logs as a single event.

Today we are officially releasing Graylog v3.1.1 This release brings a whole new AWS Kinesis/CloudWatch Input to Graylog. The new input guides the user through the setup process and performs validation checks along the way. It also supports an automated CloudWatch Logs to Kinesis Streams setup, eliminating the complexity of manual setup.

We hope you guys managed to rest over the summer because we sure didn’t. Our engineering team has been working hard on developing new features and enhancements, some of which may have flown under your radar. To help you catch up, here’s a short recap of the latest and greatest from Logz.io with relevant referrals to read up more about the different items.

At Coralogix, we strive to ensure that our customers get a stable, real-time service at scale. As part of this commitment, we are constantly improving our data ingestion pipeline resiliency and performance. Coralogix ingests messages at extremely high rates — up to tens of billions of messages per day. Every one of these records needs to go through our entire pipeline at near real-time rates: validation, parsing, classification, and ingestion to Elasticsearch.

Every organization that handles large volumes of data should implement an archiving system to separate active from inactive data, including log files. With recent changes in data laws in the EU and the growing needs for log archiving, finding a quality file storage and archiving solution is more important than ever. We will discuss the reasons for archiving data and show you how to successfully store logs and use the Archive feature in Graylog Enterprise.

Managed Security Service Providers (MSSP) are IT companies that operate some portion of their customer’s security infrastructure such as firewalls, VPNs, spam / antivirus systems, and intrusion detection tools.