The Graylog Blog
Using Pipelines for Windows Log Processing
Use Graylog pipelines to enrich your logs and make them easier to read.
Log Indexing and Rotation for Optimized Archival in Graylog
How do I rotate my logs and configure them in Graylog? Let's talk about the best practices for log retention and how to configure them in Graylog.
What to Do When You Have 1000+ Fields?
When you have 1000+ fields, Graylog can collect all the logs and have them ready for you to search through in one place.
Graylog Illuminate: The Story
Graylog Illuminate for Authentication creates a foundation to normalize all authentication data, regardless of source. This gives you consistency in reporting, alerting, and analysis plus the power to easily correlate authentication data.
Windows Filebeat Configuration and Graylog Sidecar
Graylog Sidecar can create and manage a centralized configuration for a Filebeat agent to gather logs from a local server that is not part of the Windows Event Channel and across all your infrastructure hosts.
How to Set Up Graylog GeoIP Configuration
Adding geolocation data to logs that contain IP addresses helps in your investigations and in understanding your traffic patterns. Here's a guide to setting up Graylog and enriching your data with this info.
The Importance of Historical Log Data
Centralized log management brings valuable information to one place. See how Graylog helps you use historical data to get more concrete insights.
Security Log Monitoring and DNS Request Analysis
By using strategically placed sensors, Graylog’s content pack collects DNS logs and guarantees interoperability with any DNS request, even if it is going to an unexpected DNS server or if it was blocked somewhere further down the path.
How to use Graylog as a Syslog Server
A Syslog server is, in basic terms, a centralized logging solution. While you might have more than one Syslog server, with Graylog you can accomplish all logging in one centralized spot.