
November 2019

Preventing and mitigating data loss with Graylog

If you’re handling sensitive information, dealing with data loss can be more than just a headache. Log management tools such as Graylog can enhance your incident response and management strategies, and help you mitigate the damage when a breach occurs in your database. Minimizing data loss with a fast and scalable logging solution is key if you want to bring your cybersecurity to the next level.

Shipping Office 365 audit logs to Graylog with O365beat

O365beat is an exceptionally useful open-source log shipping tool created by counteractive. With a few simple tweaks, it can be used to fetch Office 365 audit logs from the Office 365 Management Activity API and forward them to Graylog. The best part of this tool is that it leverages all the flexibility and power of the Beats platform, such as libbeat.

Windows Filebeat Configuration and Graylog Sidecar

Have you ever needed to grab a log from a local server that is not part of the Windows Event Channel? Applications like IIS or DNS can write their logs to a local file, and you need to get those logs into your centralized logging server for correlation and visualization. Graylog Sidecar can help by creating and managing a centralized configuration for a Filebeat agent that gathers these types of logs across all your infrastructure hosts.

Business Intelligence and Log management - Opportunities and challenges

Business intelligence (BI) is all about making sense of huge amounts of data to extract meaningful and actionable insights from it. Log management tools such as Graylog, for their part, are the perfect solution for streamlining data collection and analysis, so it's easy to see how the two technologies make sense when coupled together.

How to use Graylog as a Syslog Server

A Syslog server allows for the collection of logs into a centralized log repository. This centralized log repository allows for quick searching of your logs across your organization through different visualization tools. The Syslog web interface will provide the easiest access to the logs, and allows for easy secured remote access.

Aggregating, Managing and Centralizing Docker Container Logs With Graylog

Docker containers are an amazing invention that simplified the lives of many IT departments. Container images are lightweight, easily standardizable, and highly secure. Docker is the technology of choice when you need to run several different (and possibly newer) applications on the same servers.