Use Graylog pipelines to enrich your logs and make them easier to read.
Often, logs from different sources label data fields differently and/or provide data that’s completely unstructured. In order to analyze logs efficiently, they must be structured effectively.
In this post, I highlight the basics of what to consider when selecting a source of threat intelligence and provide an outline of what steps are needed to integrate that data.
We would like to introduce a new series from our blog that takes you back to the basics of Graylog. Written by your Graylog engineers, these installments will be a deep dive into the main components of our platform.
In this post, we will go through creating your own processing pipeline function. Some Java experience will be helpful, but not necessary. We will be taking it step by step, from understanding a pipeline to implementing and installing your function.