Perimeter security using firewalls and malware scanners is no longer enough. Key to modern intrusion prevention is observability and monitoring of all activity in your networks.
With Graylog you can observe every established or rejected network connection and identify the unusual ones, so you can tighten rules and mitigate attacker activity.
By integrating other intrusion detection systems (IDS) such as Snort or Bro, you can correlate detected activity with logs from across your entire infrastructure.
With Graylog you can centrally collect the syslog and EventLog messages of your entire infrastructure, spot problems early and resolve issues faster. No more logging into multiple devices to parse plain-text log files.
Prevent downtime with automated alerts when error thresholds are crossed, and fix production issues faster with a centralized view of all messages and trends.
Information security standards like PCI DSS or HIPAA require you to retain log messages for a certain period of time. Graylog enables you to do this cost-effectively.
The original use case of Graylog: monitoring distributed applications at any time and on demand. The first sign of any production issue is always an elevated rate of exceptions or errors.
Save time by giving tiered access to anyone in the organization, so developers can see operating system logs and IT Ops people can see application logs on demand.
A customer is triggering an error and you have to figure out why? Just search for the customer's user ID and find all the relevant logs instead of going on a /usr/bin/grep hunt.
```json
{
  "message": {
    "_id": "438d9a92-bccd-11e6-b83b-1cc1de269dc4",
    "message": "ACCEPT TCP 10.10.15.250:38028 -> 54.225.214.228:443",
    "timestamp": "2016-12-07T19:45:03.941Z",
    "log_type": "netflow",
    "protocol": "TCP",
    "action": "ACCEPT",
    "src_addr": "10.10.15.250",
    "src_port": "38028",
    "src_addr_threat_indicated": false,
    "src_addr_is_internal": true,
    "dst_addr": "54.225.214.228",
    "dst_port": "443",
    "dst_addr_threat_indicated": false,
    "dst_addr_is_internal": false,
    "dst_addr_whois_country_code": "US",
    "dst_addr_geolocation": "39.0481,-77.4728",
    "dst_addr_whois_organization": "Amazon Technologies Inc.",
    "mac_address": "1C:C1:DE:26:9D:C4"
  }
}
```
Both configuration settings and log data are available through the Graylog REST API. Integrate Graylog seamlessly into your evolving architecture, and build your own reports and analysis.
The REST API is the only dependency of our web interface, so its quality and completeness are guaranteed.