Graylog 3.3

This release includes enhancements to search, events, and alerts that introduce greater efficiencies to your daily log management efforts and strengthen your audit and compliance capabilities.

Expanded Search

It’s often the little things that make all the difference. Graylog’s new search enhancements focus on making some of the tasks performed on a regular basis more efficient. For example, users make content choices such as adding a limit on the total number of messages or pull data from multiple streams before exporting a CSV file.

Error messages offer a greater level of detail. For example, if you run a search across three streams but only have permission to access one of them, Graylog will display an error message letting you know. This also applies to saved searches. If a colleague shares a saved search, Graylog will display an error message if you do not have the appropriate permissions to view the results. Other enhancements include UI improvements for better performance and search execution. For the latter, this means if you make any changes to your search you can control when you want to re-execute it.

Download Now

And More


Planning ahead? Have alerts you only want to trigger at certain times? Need to pause in the middle of creating an alert? Have an alert creating too much noise and want to disable it and work on it? Now you can create Alert rules and save them for later. You can pause or disable an active Alert. And you can stop and save any time you are creating an alert.


Graylog Audit Events now record when someone creates and executes a search along with the search content. This includes stream searches and dashboards as well. For example, if a developer debugs an application and that application has financial data, now you have an audit trail of exactly what and when the data was viewed.


Tracking your SSO Logs Made Easy

In Graylog 3.3, we have added a new input for Okta Log Events. You simply enter your domain name and API key to pull your Okta event logs into Graylog. Keeping track of your authentication data in the cloud is critically important for monitoring employee activities. This new input will make this task easier. All logs collected will conform to the new Graylog schema. (Coming soon!)


If the disk space in an Elasticsearch cluster runs low or runs out, this can lead to data loss and other problems down the road. To prevent this from happening, Graylog has added visual identification to alert you to the problem and we provide a link to documentation that can guide on how to resolve it.

Download Now
Contact sales