BLOG

Weekly log management blog posts with questions, tips, tricks, insights, interviews.

Threat hunting that uses threat intelligence strengthens your incident response team’s ability to detect, investigate, and mitigate risk.

Weekly log management blog posts with questions, tips, tricks, insights, interviews.

Weekly log management blog posts with questions, tips, tricks, insights, interviews from the week.

In these turbulent times, IT teams leverage centralized log management solutions for making decisions. As the challenges change, the way you’re monitoring logs for insider threats needs to change, too. 

Every week we get a lot of great questions through support, the community, social media, and on our weekly demo. On Friday, you can find here the most common questions and answers, tips, insights, a closer look at Graylog, interviews, etc.

VPN and firewall log management can help detect and mitigate security risks for a hybrid workforce.

Centralized log management solutions aggregate logs, standardize formatting, and filter event logs by type to stream root cause analysis.

A centralized log management solution for cloud environment can help manage performance, availability, security, and ultimately IT costs amongst other things. In this blog post, we look at 5 key benefits that come from using log management to manage log data in cloud environments. 

Cloud-first infrastructures are the future of modern business operations. While the cloud offers scalability that can save money with pay-as-you-need services, managing the costs is challenging. Many organizations use more services than estimated, which undermines the original reason for choosing the cloud service. Centralized Log Management offers the visibility you need to optimize your cloud usage to keep infrastructure costs down. 

Logs are fundamental to any IT operations or security program because they tell you everything from who’s doing what to what’s connecting where. To get you set for 2021, Graylog’s experts have identified three key areas that you can improve so that you can work faster, mitigate risk, and manage documentation for the new normal WFH and the future hybrid version of WFH and in the office.

Gary Koopmann Graylog feline reporter.

The Graylog alert feature can detect the signature from any log source in your organization with the signature/hash value in them. This blog post walks you through the bits of information from the YARA rules and create a rule in Graylog to alert when an IoC is detected. 

Graylog's Founder and CTO, Lennart Koopmann interviews Eric Capuano, Founder and CTO, of Recon InfoSec about the FireEye report on the global intrusion campaign that utilized a backdoor planted in SolarWinds Orion.

Gary Koopmann intrepid feline reporter for Graylog.

Graylog Enterprise v4.0 Licensing SSPL.

While all cybersecurity professionals agree that log management is integral for robust proactive and reactive security, managing the enormous amount of data logs can be a challenge. While you might be tempted to collect all logs generated from your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information. 

Every action in an organization’s network generates event data, including records produced by operating systems, applications, devices, and users. By following best practices for event log management, you can enhance your cybersecurity posture and enable a more robust compliance program.

Every day we discover new vulnerabilities in our systems, cracks in the fence the adversaries take advantage of to get into your organization and wreak havoc. Alerts from centralized log management can give advance notice of an attack or alert you when they are going on.

As companies responded to the COVID-19 pandemic with remote work, cybercriminals increased their social engineering and ransomware attack methodologies. Ransomware, malicious code that automatically downloads to a user’s device and locks it from further use, has been rampant since the beginning of March 2020. Detection of ransomware through log management offers one way for you to protect your systems, networks, devices, and applications for continued data security.