Parsers make it easier to dig deep into your data to get every byte of useful information you need to support the business. They tell Graylog how to decode the log messages that come in from a source, which is anything in your infrastructure that generates log messages (e.g., a router, switch, web firewall, security device, Linux server, windows server, an application, telephone system and so on).

Graylog Enterprise v3.2 is out in the world, customers are using it and loving it, and we want to share with you what we've learned from them. Like most departments, IT is buried with day-to-day activities. Proverbial system and user fires that need extinguishing get in the way of that list of projects gathering dust because nobody has time to get to them. To ease this burden and give you back much needed time to tackle it all, Graylog focused the v3.2 release on usability and productivity.

Log management plays an important role in helping to debug Kubernetes clusters, improve their efficiency, and monitor them for any suspicious activity. Kubernetes is an open-source cluster management software designed for the deployment, scaling, and operations of containerized applications.

While the Capital One breach may have been jaw-dropping in its sheer scale, there are best practice lessons to be learned in its remediation response, says Nick Carstensen, technical product evangelist at Graylog.

Today, most enterprises rightfully think about their business strategies by leveraging available data. Data-driven decisions certainly are more solid and reliable than those based upon mere instinct, intuition or just plain mysticism. Logs, in particular, are a fantastic source of information from which a company can draw to fuel its business intelligence (BI) strategies. However, there’s a big and sometimes unbridgeable gap between theory and practice.

What makes data structured or unstructured and how does that affect your logging efforts and information gain? Below we've provided a comparison of structured, semi-structured, and unstructured data. Also below, we discuss ways to turn unstructured data into structured data.

This release unifies views, dashboards, and search for a more flexible and comprehensive approach to threat hunting. The expanded search introduces greater efficiency by making it easier to reuse searches you need to run on a regular basis with saved search and search workflows. Other enhancements such as full screen dashboards, and updates to alerting round out v3.2.