Graylog’s log aggregation features are useful for a lot of tasks, ranging from regular troubleshooting to detecting issues as soon as they become manifest. Optimizing log management by aggregating all meaningful data is a quick and efficient way to isolate any problem to root causes and solve it with minimal impact on services. Aggregated data is easier to parse and analyze – you can reduce the number of data points in a meaningful way and obtain the answer you need from them.

The constant evolution of security threats has long-since made preventing cyber-attacks and network intrusion attempts a nearly impossible task. Real threats are often hard to identify among a multitude of false alarms, and many experts understand that a well-integrated and fully-automated threat intelligence strategy is the best approach. Nevertheless, 70% of security industry professionals still believe threat intelligence to be too complex and bulky to provide actionable insights.

‍ Log file parsing is the process of analyzing log file data and breaking it down into logical syntactic components. In simple words - you’re extracting meaningful data from logs that can be measured in thousands of lines. There are multiple ways to perform log file parsing: you can write a custom parser or use parsing tools and/or software.

Every log management solution out there has its own alerting feature. Alerts are a critical component of every logging tool. They can tell you whether an event is something you want to check out rather than just normal everyday activity you want to ignore. Graylog’s simplified interface is incredibly accessible to assist you with all the information you need in real-time, yet scalable enough to never compromise the level of detail provided.

The Graylog ExtendedLog Format (GELF) is a uniquely convenient log format created to deal with allthe shortcomings of classic plain Syslog. This enterprise feature allows you tocollect structured events from anywhere, and then compress and chunk them inthe blink of an eye.

In computing, an audit log is a record of an event. An event is any significant action that impacts the hardware or software of a computer – anything from a mouse click to a program error. Besides documenting which resources were accessed and what for, an audit file system will also include the source and destination addresses, the timestamp, and the user ID information.

Today we are officially releasing Graylog v3.1.1 This release brings a whole new AWS Kinesis/CloudWatch Input to Graylog. The new input guides the user through the setup process and performs validation checks along the way. It also supports an automated CloudWatch Logs to Kinesis Streams setup, eliminating the complexity of manual setup.

Every organization that handles large volumes of data should implement an archiving system to separate active from inactive data, including log files. With recent changes in data laws in the EU and the growing needs for log archiving, finding a quality file storage and archiving solution is more important than ever. We will discuss the reasons for archiving data and show you how to successfully store logs and use the Archive feature in Graylog Enterprise.