The Graylog Blog


Showing posts tagged with Tips

Back to Basics: Using a Hot/Warm Elasticsearch Cluster

Starting with Graylog v2.3, we've added support for Elasticsearch 5. As you may know, Elasticsearch 5 allows the use of the hot/warm cluster architecture.

What is the hot/warm cluster architecture and why is it important to Graylog?


Back to Basics: Monitoring Graylog

Once you have Graylog fully up and running, it’s best to implement a plan for monitoring your system to make sure everything is operating correctly. Graylog already provides various ways to access internal metrics, but we are often asked what to monitor specifically. In this post, we’ll provide a list of both host and Graylog metrics that you should monitor regularly, as well as a guide on how to access the data.


Back to Basics: Enhance Windows Security with Sysmon and Graylog

Previously we discussed how you can use Graylog Collector Sidecar to configure Filebeat and work with log files. Now we’ll show you how to use Winlogbeat to get the Windows Event Log over to your Graylog installation. This will be useful if you are running Windows servers in your environment or have a fleet of workstations that you are responsible for, and want to add that information to your existing central log system.


Back to Basics: From Single Server to Graylog Cluster

In our second Back to Basics post, we'll walk through the process of scaling your environment from one Graylog server to a Graylog cluster. This will be useful for those who followed our single server setup guide and are now noticing an increase in incoming data and need additional servers. For those that are new Graylog users, this guide will also help with your initial setup of a Graylog cluster. In addition, we’ll point out useful tips along the way.


Back to Basics: Connecting Sidecar and Processing Pipelines

We would like to introduce a new series from our blog that takes you back to the basics of Graylog. Written by your Graylog engineers, these installments will be a deep dive into the main components of our platform, ranging from installation and configuration to data ingestion and parsing, scaling, and more. This can be viewed in conjunction with and as an extension to the Graylog Documentation. We want you to be fully equipped with the knowledge to jumpstart your installation, and to offer new tips for those who are already Graylog pros.
