In this post, I will describe in detail how to use the Threat Intelligence plugin that ships with Graylog. I’ll start with the steps necessary to prepare your data, then explain how to activate the feature and how to configure it for use.
As Stephen Marsland once said, “if data had mass, the earth would be a black hole.” A vast part of the immense amount of structured and unstructured data that we call “Big Data” is nothing but machine-originated log data. Logs are generated for a lot of different purposes – from security to debugging and troubleshooting. They constitute a gold mine of useful information and actionable insights if properly stored, managed, and analyzed.
Now that you have your brand new Graylog instance up and collecting your organization’s logs, all the data is quickly searchable and available for troubleshooting any issues as they arise. Just as easy as it is for you to use, an attacker with access to the logs now has a much simpler job of understanding your environment and seeing all of your data. You need to make sure you are doing all the due diligence you can to protect the data.
ITOps vs. DevOps: where does one end and the other begin? These two terms are commonly confused even within the IT industry, which is understandable since neither is set in stone and they often overlap, especially when talking about infrastructure. What does each role encompass and how can you tell the difference between them?
As Stephen Marsland once said, “if data had mass, the earth would be a black hole.” A vast part of the immense amount of structured and unstructured data that we call “Big Data” is nothing but machine-originated log data. Logs are generated for a lot of different purposes – from security to debugging and troubleshooting. They constitute a gold mine of useful information and actionable insights if properly stored, managed, and analyzed.
Today we are releasing Graylog v3.0.1 with a few bug fixes. Many thanks to our community for reporting issues and contributing fixes!
