The Graylog Blog
Executive Orders, Graylog, and You
On May 12, 2021, President Biden released the “Executive Order on Improving the Nation’s Cybersecurity” (the Executive Order) prompting many organizations to ask, “What does this mean for me?” One of Graylog’s essential functions is to help you monitor your threat landscape. Read on to find out how we provide the visibility you need to understand what is happening on (and to) your IT infrastructure to better understand where to focus your efforts.
Centralized Log Management for Multi-Cloud Strategies
Using centralized log management for multi-cloud strategies gives you more visibility into your complex ecosystem.
Centralized Log Management for Cloud Streamlines Root Cause Analysis
Centralized log management solutions aggregate logs, standardize formatting, and filter event logs by type to streamline root cause analysis.
Centralized Log Management and Cloud Environments
A centralized log management solution for cloud environments can help manage performance, availability, security, and ultimately IT costs, among other things. In this blog post, we look at five key benefits that come from using log management to manage log data in cloud environments.
Centralized Log Management for Optimizing Cloud Costs
Cloud-first infrastructures are the future of modern business operations. While the cloud offers scalability that can save money with pay-as-you-need services, managing the costs is challenging. Many organizations use more services than estimated, which undermines the original reason for choosing the cloud service. Centralized Log Management offers the visibility you need to optimize your cloud usage to keep infrastructure costs down.
Centralized Log Management and a Successful 2021
Logs are fundamental to any IT operations or security program because they tell you everything from who’s doing what to what’s connecting where. To get you set for 2021, Graylog’s experts have identified three key areas that you can improve so that you can work faster, mitigate risk, and manage documentation for the new normal of working from home and the future hybrid of home and office work.
SUNBURST Backdoor: What to look for in your logs now - Interview with an incident responder
Graylog's Founder and CTO, Lennart Koopmann, interviews Eric Capuano, Founder and CTO of Recon InfoSec, about the FireEye report on the global intrusion campaign that utilized a backdoor planted in SolarWinds Orion.
Triaging Log Management Through SIEMs
While all cybersecurity professionals agree that log management is integral to robust proactive and reactive security, managing the enormous amount of log data can be a challenge. While you might be tempted to collect all logs generated by your systems, software, network devices, and users, this “fear of missing out” on an important notification ultimately leads to so much noise that your security analysts and threat hunters cannot find the most important information.
Detecting & Preventing Ransomware Through Log Management
As companies responded to the COVID-19 pandemic with remote work, cybercriminals increased their social engineering and ransomware attack methodologies. Ransomware, malicious code that automatically downloads to a user’s device and locks it from further use, has been rampant since the beginning of March 2020. Detection of ransomware through log management offers one way for you to protect your systems, networks, devices, and applications for continued data security.
Planning Your Log Collection
Whether you are planning to use Graylog for security and threat hunting, IT Operations analysis and reporting, or any other use case, getting your logs into Graylog is essential. The process of log collection is sometimes a daunting task, especially if you are planning to collect massive amounts of data. But if you take a minute to answer some key questions before you begin, you can transform the log collection task from daunting to smooth sailing.
The Importance of Log Monitoring in Anomalous Behavior Analytics
What role does log monitoring have in intrusion detection and prevention and how does it work together with behavioral analytics?
Using Event Logs To Tighten Up Security
A huge volume of our personal and financial data depends on software code and databases. All of this information is stored in event logs, which is why having a dedicated log management tool is so important to IT security.
Cyber Security: Understanding the 5 Phases of Intrusion
Here at Graylog, we have recently had an increase in conversations with security teams from leading companies. We want to share our key findings with the Graylog community. In this blog post, we are going to review the 5 phases of intrusion and how to best combat attackers that are trying to infiltrate your networks and computer systems.
Aggregating, Managing and Centralizing Docker Container Logs With Graylog
Tools like Graylog are required for log management, aggregation, analysis, and monitoring in environments that make intensive use of Docker containers and orchestration platforms.
Server Log Files in a Nutshell
Where do server requests come from and why? You can find this information and more in server log files.
Strengthening cybersecurity with log forensic analysis
Forensic analysis is a highly reliable approach to enforce a strong cybersecurity posture and can be made even more scientific when coupled with wise log management.
Cyber Security Mega Breaches: Best Practices & Log Management
Nick Carstensen of Graylog Outlines Lessons Learned from Recent Headline-Makers
Making data-driven decisions with log management software
Data-driven decisions certainly are more reliable than those based upon mere instinct, and logs are a fantastic source of information to fuel a company's business intelligence strategies.
Turning Unstructured Data Into Structured Data With Log Management Tools
What makes data structured or unstructured and how does that affect your logging efforts and information gain?
Improve Your Logging Efforts by Leveraging Your Search History
In this article, we will discuss some ways to get the best out of your saved searches and to speed up the search process.
Enhancing AWS security with Graylog centralized logging
Getting AWS logs into a SIEM or centralized log management platform such as Graylog is key to proactive monitoring and alerting.
Improving IoT security with log management
We know we can strengthen IoT security with a wise log management strategy. But how can we leverage these event logs to improve the cybersecurity of these often extremely vulnerable access points to our systems?
Troubleshooting with Log Management - Best Practices
Troubleshooting is centered on first identifying and then rectifying problems within the system. Since logs record all kinds of event data, proper log management is a crucial step to figuring out exactly what went wrong - as well as when and how.
Preventing and mitigating data loss with Graylog
Log management tools such as Graylog can enhance your incident response and management strategies, and help you mitigate the damage when a data loss or breach occurs in your database.
Business Intelligence and Log management – Opportunities and challenges
Business intelligence (BI) is all about making sense of huge amounts of data to extract meaningful and actionable insights out of it. Log management tools such as Graylog are the perfect solution to streamline data collection and analysis.
The importance of event correlation techniques in SIEM
Event correlation tools are a fundamental instrument in your security information and event management (SIEM) toolbox to detect threats from all sources in real time.
Threat Intelligence And Log Management: Security Through Automation
A well-integrated and fully automated threat intelligence program requires a proper centralized log management tool to attain a strong cybersecurity posture.
Audit Log: Feature Guide for Security and Compliance
10 Things To Look For In an MSSP
There are several must-have capabilities to look for in a Managed Security Service Provider (MSSP), and these are 10 of the most essential ones.
What is IT Operations Analytics (ITOA)?
IT Operations Analytics (ITOA) is a vital asset for extracting the valuable insights buried in piles of highly articulated data, and a powerful way to sift through all the complexities of Big Data.
ITOps vs. DevOps: What Is the Difference?
ITOps vs. DevOps: where does one end and the other begin? What does each role encompass and how can you tell the difference between them?
How Big Data and Log Management Work Hand in Hand
Become the master of Big Data with the right log management tools to help you quickly get your answers.
3 Steps to Structuring Logs Effectively
Often, logs from different sources label data fields differently and/or provide data that’s completely unstructured. In order to analyze logs efficiently, they must be structured effectively.
What Are the Benefits of Monitoring Event Logs?
By monitoring event logs, you can gain deeper insight into system metrics, localize process bottlenecks, and detect security vulnerabilities.
How Can the Right Log Aggregator Help Your Enterprise?
The right log aggregation tools can go a long way towards maintaining and improving an existing system easily and efficiently.
The Log Viewer – Your Window into Log Management
An immeasurable amount of data, in raw, unfiltered form, exists all around us. For most of us, to be able to properly categorize and “read” that data, we first must convert it into a format that we can understand – which is where the log viewer comes in.
E-Commerce and Log Management
Learn how log management helps you review and analyze customer behavior and security issues on your e-commerce website.
Next-Level Threat Hunting: Shift Your SIEM from Reactive to Proactive
Shift your SIEM from reactive to proactive to start leveling up your threat hunting capabilities.
Log File Parsing
Learn the difference between structured and unstructured logs, the basics of the JSON log format, what kind of information you can get when you parse log files, and which tools and utilities to use to perform log file parsing.
Centralized Logging – Knowing When Less is More
Centralized logging is critical to get the most out of your logs, and filter for only the most useful and interesting data because sometimes less is just more.
Why Should You Bother With Information Technology Operations Analytics?
Your organization’s IT system is a complex network of intercommunicating devices that can provide you with an abundance of useful data - if you apply the right practices to gather and filter it. See how ITOA can help.
Meeting Compliance Regulations with SIEM and Logging
Health, financial, and educational organizations often have standards and regulations that must be followed. See how SIEM and logging can help you gain compliance.
How to Read Log Files on Windows, Mac, and Linux
This post focuses on log files created by the three main operating systems (Windows, Mac, and Linux) and the main ways to access and read log files on each OS.
Log Analysis and the Challenge of Processing Big Data
Modern enterprises generate an immense volume of data, and Big Data increases the complexity with its high variety and velocity. But a robust log management solution can help you filter out the useful information in that vast pool.
Selecting SIEM Tools - Questions to Consider
Does your organization really need a SIEM tool? Read on for questions to ask when selecting this essential solution for your environment.
Top Use Cases for Log Analysis
There is a wide scope of use cases for log analysis - from tackling security and performance issues head-on to enhancing the quality of your services. This post discusses these use cases in more detail.
Must-Have Features for Your Log Management Software
With so many choices available to us today, knowing what you need in your log management software can be difficult. Here are some tips on what features you should look for.
Selling Stakeholders on Automated Threat Response
With automated blocking, analysts can focus on higher value activities than responding to obvious security threats that can be safely handled with an automated response.
Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution.
Improving the Signal-to-Noise Ratio in Threat Detection
It’s unrealistic and cost-prohibitive for analysts to spot every threat. To avoid becoming a statistic, improve your threat intelligence signal-to-noise ratio to ensure real threats get the most attention.
Using Trend Analysis for Better Insights
A centralized repository of logs generated by your devices and applications stores a wealth of data. Trend analysis of that data gives you rich insight into activity in your environment.
The Power of Centralized Logging
Log files give you information about your IT environment. Having those logs centralized is essential to understanding your whole environment.
Talk to Us (Berlin Edition) - OSDC and Open Source Camp
Join us for OSDC and Open Source Camp in Berlin 12-14 June 2018!
The Value of Threat Intelligence Automation
The news is full of stories about the talent shortage in IT, especially in IT security. This shortage has created pressure on organizations to grow IT operations and to do that securely, all while having too few staff.
The Data Explosion and its Effect on Security
The shift to digital business is driving a massive expansion in the volume of data that organizations produce, use, and store. It is also accelerating the velocity of data—that is, the data is changing more rapidly than ever before.
Gameforge Uses Graylog to Stay Ahead of Application Performance Issues and Keep Gamers Happy
After reading some of our case studies, Lead Windows System Administrator at Gameforge, Felix Oechsler, felt inspired to share his story of Graylog’s evolution at Gameforge and got in touch with us last month.