Operations | Monitoring | ITSM | DevOps | Cloud

From malformed fields to endlessly nested objects, JSON logs can feel like they’re trying to submit your SIEM. In this technical session, we’ll demonstrate how to turn that chokehold into a clean takedown using Graylog’s parsing, normalization, and enrichment capabilities. You’ll learn how to: Whether you’re a SOC analyst tired of regex wrestling or an admin looking to streamline onboarding, you’ll leave with practical techniques to make messy JSON your sparring partner—not your opponent.

Atlassian’s audit records are data-rich, but messy. In this data-driven deep dive, Eddy Gurney from NetScout shares what it took to get them into Graylog. He walks through four pipeline approaches and why each fell short, then shows how moving parsing to the edge with Filebeat unlocked Graylog. With clean, flattened events flowing in, alerts and dashboards turn “noise” into operational visibility. You’ll also see how Sidecars makes config rollout easy, plus what changes to make if you’re on Atlassian Cloud instead of Data Center.

Have a sneak peek at Graylog V7.0. Graylog V7.0 introduces a major step forward in speed, usability, and visibility across your entire security and operations workflow. In this demo, we walk through the newest capabilities designed to help teams detect, investigate, and respond faster than ever. You’ll see how the updated interface streamlines daily tasks, how the enhanced search and pipeline tools simplify complex data handling, and how powerful additions like built-in correlation and modernized dashboards give you clearer insight with less effort.

Check out the new exciting features added to Graylog V7.0 Seth Goldhammer VP of Product and Ed Metcalf VP of Product Marketing walk you through the new features!

Graylog V7.0 supports integration with the Model Context Protocol (MCP), which allows large language models (LLMs) to access and interact with Graylog data and workflows in real time. Graylog exposes an MCP-compatible endpoint for LLM clients, such as Claude and LM Studio. MCP integration allows Graylog users to interact with their data through LLMs. With MCP, an LLM can connect directly to Graylog as a remote tool interface, performing queries, retrieving system information, and assisting with common administrative or investigative tasks. This capability may make it possible to.

Ethan Keaton takes you through upgrading A Graylog cluster to V7.0.

How much value are you really getting from your logs, and what are you giving up to stay on budget? In this episode of Logs and Lattes, host Palmer Wallace sits down with Seth Goldhammer, VP of Product Management at Graylog, for a candid conversation about the hidden cost of traditional SIEM pricing. Seth explains how ingest-based and resource-heavy licensing models pressure security teams into tough tradeoffs, such as dropping logs, tuning down detections, or limiting retention just to avoid budget overages.

Follow Rich Murphy Director of Product Management for Security walking you through Data Lake Preview and Retrieval.

SIEM & Log Management — Without Compromise: Watch an exclusive dive into Graylog 6.2 Spring ’25 Release, purpose-built to eliminate the trade-offs traditional Log Management and SIEMs force on your IT, Security, DevOps and Compliance teams. You get smarter data retention, plus easier detection and investigations.

Check out the latest tour of Graylog Enterprise. Check out Graylog Data Lake, Content Hub, Alerting, Role-Based Access Control, and more!