The Graylog Blog
Windows Filebeat Configuration and Graylog Sidecar
Graylog Sidecar can create and manage a centralized configuration for a Filebeat agent to gather logs from a local server that is not part of the Windows Event Channel, across all your infrastructure hosts.
Log Indexing and Rotation for Optimized Archival in Graylog
How do I rotate my logs and configure them in Graylog? Let's talk about the best practices around log retention and how to configure them in Graylog.
Integrating Threat Intelligence into Graylog 3+
How to use the Threat Intelligence plugin and integrate it into Graylog 3+.
Using Pipelines for Windows Log Processing
Use Graylog pipelines to enrich your logs and make them easier to read.
3 Steps to Structuring Logs Effectively
Often, logs from different sources label data fields differently and/or provide data that’s completely unstructured. In order to analyze logs efficiently, they must be structured effectively.
A Beginner’s Guide to Integrating Threat Intelligence
In this post, I highlight the basics of what to consider when selecting a source of threat intelligence and provide an outline of what steps are needed to integrate that data.
Connecting Sidecar and Processing Pipelines Using Graylog
We would like to introduce a new series from our blog that takes you back to the basics of Graylog. Written by your Graylog engineers, these installments will be a deep dive into the main components of our platform.
Writing your own Graylog Processing Pipeline functions
In this post, we will go through creating your own processing pipeline function. Some Java experience will be helpful, but not necessary. We will be taking it step-by-step from understanding a pipeline, to implementing and installing your function.