As your security capabilities improve with centralized log management, you can create threat hunting queries for proactive planning. Setting baselines, determining abnormal behavior, and choosing an attack framework help you mitigate risk and respond to incidents.
Nearly all security experts agree that event log data gives you visibility into, and documentation of, the threats facing your environment. Even knowing this, many security professionals don’t have the time to collect, manage, and correlate log data because they don’t have the right solution. The key to security log management is to collect the correct data so your security team can get better alerts to detect, investigate, and respond to threats faster.
On May 12, 2021, President Biden released the “Executive Order on Improving the Nation’s Cybersecurity” (the Executive Order) prompting many organizations to ask, “What does this mean for me?” One of Graylog’s essential functions is to help you monitor your threat landscape. Read on to find out how we provide the visibility you need to understand what is happening on (and to) your IT infrastructure to better understand where to focus your efforts.
Using centralized log management for multi-cloud strategies gives you more visibility into your complex ecosystem.
Discord has grown from a platform used mostly by gamers into one that businesses use as a communication platform. Being able to send log management alerts to Discord, where everyone is already collaborating, can provide a major benefit to multiple teams in an organization.
Cloud IT stacks are more important to business operations than ever before. With Graylog, IT teams can collaborate when engaging in root cause analysis to ensure continued productivity.
This Week in Log Management - Discover how archiving works in Graylog Enterprise.
There are times in IT environments when you might want to pause (silence) alerts so that they don't trigger unnecessary notifications, for example when you know you're going to generate specific events in your network.
Threat hunting that uses threat intelligence strengthens your incident response team’s ability to detect, investigate, and mitigate risk.
This Week in Log Management - The Graylog Web Search query is one of the most powerful features in Graylog and one of the easiest to use. Find out why.
This Week in Log Management - Are Dashboards and Reports related? What host can I use to send logs to Graylog?
In these turbulent times, IT teams leverage centralized log management solutions for making decisions. As the challenges change, the way you’re monitoring logs for insider threats needs to change, too.
Every week we get a lot of great questions through support, the community, social media, and on our weekly demo. On Friday, you can find the most common questions and answers, tips, insights, a closer look at Graylog, interviews, and more here.
VPN and firewall log management can help detect and mitigate security risks for a hybrid workforce.
Centralized log management solutions aggregate logs, standardize formatting, and filter event logs by type to streamline root cause analysis.
A centralized log management solution for cloud environments can help manage performance, availability, security, and ultimately IT costs, amongst other things. In this blog post, we look at 5 key benefits that come from using log management to manage log data in cloud environments.
Cloud-first infrastructures are the future of modern business operations. While the cloud offers scalability that can save money with pay-as-you-need services, managing the costs is challenging. Many organizations use more services than estimated, which undermines the original reason for choosing the cloud service. Centralized Log Management offers the visibility you need to optimize your cloud usage to keep infrastructure costs down.
Logs are fundamental to any IT operations or security program because they tell you everything from who’s doing what to what’s connecting where. To get you set for 2021, Graylog’s experts have identified three key areas that you can improve so that you can work faster, mitigate risk, and manage documentation for the new normal of WFH and the future hybrid of WFH and in-office work.
The Graylog alert feature can detect a signature in any log source in your organization that contains the signature/hash value. This blog post walks you through the relevant bits of information from YARA rules and shows how to create a rule in Graylog that alerts when an IoC is detected.