You can further improve your ability to extract meaningful and useful geolocation data by leveraging the functionality of pipelines and lookup tables.
There are several standardized log formats that are most commonly generated by a wide assortment of different devices and systems. It is important to understand how they operate and differ from one another.
Having additional data on logs that contain IP addresses that gives you their Geolocation helps in your investigations and understanding of your traffic patterns. Here's a guide to set up Graylog and enrich your data with this info.
Graylog has a few built-in lookup tables and common adapters to read in the data from various locations. In this article, we'll go over the steps needed to configure your lookup table.
In this blog post we'll set up the required AWS resources, configure the Graylog input, and do some basic searches to explore the capabilities of Cloudtrail logs.
O365beat is an exceptionally useful open-source log shipping tool created by counteractive. With a few simple tweaks, it can be used to fetch Office 365 audit logs from the Office 365 Management Activity API and forward them to Graylog.
Graylog sidecar can create and manage a centralized configuration for a filebeat agent, to gather logs from a local server that is not part of the Windows Event Channel and across all your infrastructure hosts.
A Syslog server is, by all basic terms, a centralized logging solution. While you might have more than one Syslog server, with Graylog you can accomplish all logging in one centralized spot.
How do I rotate around my logs and configure them in Graylog? Let's talk about the best practices around log retention and how to configure them in Graylog.
Graylog’s log aggregation features are useful for a lot of tasks, ranging from regular troubleshooting to detecting issues as soon as they become manifest. Here's a quick guide.
Get Graylog email updates and be the first to know about new content, product updates, and tips and tricks!
