In the digital era, we need to track and record all of our data at all times. From a user logging into the dashboard to database queries, JavaScript errors, and website traffic, everything that matters is recorded in a log. You name it, and with due probability, you already have time-stamped documentation of all the events saved somewhere in the form of a log.
With so many choices available to us today, choosing log management software that’s just right for us has never been simpler. That is, if you know exactly what it is you are looking for. But for many users, the sheer amount of computer programs that perform the same tasks, and seem so similar(sometimes almost identical) to each other, can quickly become off-putting and confusing.
Most organizations use their SIEM solution to automate repetitive security tasks, saving analysts time. But the reality is your system could be doing—and saving—so much more by blocking the obvious threat actors attempting to connect with your network, systems, and assets.
Do you need better insight into the overall state of your network security? Take a step back and look through the larger lens of the SIEM solution. Security information and event management (SIEM) is an approach to security management that combines two aspects...
Ever since humankind developed the ability to write, much of our progress has been made thanks to recording and using data. In ages long past, notes were made on the production and gathering of resources, the exact number of available soldiers and other important personnel, and were compiled and stored by hand. Because of this documentation method, important information was also prone to being misplaced, lost, or even mishandled.
Servers take a lot of requests daily, we know that…We also know that the server responds instantly. But who makes the request? What do they want, and what exactly are they looking for? Where do these visitors come from? How often they are making a request: once a month, once a day, almost every minute? Well, answers to these, and potentially a lot more questions, can be found in a single place - the server log file.
Companies are generating massive amounts of data every minute. It’s impossible, unrealistic, and cost-prohibitive for analysts to spot every threat. That’s why even though breaches are in decline year over year, the first quarter of 2018 saw 686 breaches that exposed 1.4 billion records through hacking, skimming, inadvertent Internet disclosure, phishing, and malware.
Today we are releasing Graylog v2.4.6 to fix a few bugs.
Juraj Kosik, an Infrastructure Security Technical Lead at Deutsche Telekom Pan-Net, has written a detailed case study of how his organization implemented Graylog to centralize log data from multiple data centers exceeding 1 TB/day. His case study provides thorough insights into real-world issues you might run into when implementing and operating a log management platform in a large-scale cloud environment.
