Investigations from a Log Message: Start your investigation right from a specific log message. Graylog’s Investigations feature provides a robust search interface, allowing complex queries across vast volumes of log data. Leverage various search filters, including time ranges, event types, specific hosts or devices, and custom metadata, to focus on the most relevant log entries.
Integrating Dashboards: Visualize your log data through interactive charts, graphs, and timelines. Graylog’s Investigations feature enhances your analysis process by allowing you to spot trends, anomalies, and relationships between events effortlessly.
Alert Workflow Integration: This feature dovetails with the alert workflow, enabling you to investigate alerts triggered by real-time or historical log data. Connect alerts with investigations to assess incidents quickly and gather additional evidence.
Collaboration and Case Management: Streamline your complex investigations with efficient collaboration. Use Graylog Teams to share findings and document investigation details. The Investigations feature also offers case management capabilities, allowing you to organize investigations into cases, assign tasks, and track progress.