The Graylog Blog

Windows Filebeat Configuration and Graylog Sidecar

Graylog sidecar can create and manage a centralized configuration for a filebeat agent, to gather logs from a local server that is not part of the Windows Event Channel and across all your infrastructure hosts.

Log Indexing and Rotation for Optimized Archival in Graylog

How do I rotate around my logs and configure them in Graylog? Let's talk about the best practices around log retention and how to configure them in Graylog.

Integrating Threat Intelligence into Graylog 3+

How to use the Threat Intelligence plugin and integrate it into Graylog 3+.

Using Pipelines for Windows Log Processing

Use Graylog pipelines to enrich your logs and make them easier to read.

3 Steps to Structuring Logs Effectively

Often, logs from different sources label data fields differently and/or provide data that’s completely unstructured. In order to analyze logs efficiently, they must be structured effectively.

Integrating Threat Intelligence with Graylog

A Beginner’s Guide to Integrating Threat Intelligence

In this post, I highlight the basics of what to consider when selecting a source of threat intelligence and provide an outline of what steps are needed to integrate that data.

Connecting Sidecar and Processing Pipelines Using Graylog

We would like to introduce a new series from our blog that takes you back to the basics of Graylog. Written by your Graylog engineers, these installments will be a deep dive into the main components of our platform.

Writing your own Graylog Processing Pipeline functions

In this post, we will go through creating your own processing pipeline function. Some Java experience will be helpful, but not necessary. We will be taking it step-by-step from understanding a pipeline, to implementing and installing your function.