NOTE: Graylog has made many updates to the application since this release. We encourage you to update to the latest version and take advantage of the large number of new features and functionality.
Happy New Year! Today we are releasing Graylog v2.4. In this release, you will see we’ve added four new default plugins and made three huge improvements to the QuickValues Widget.
Download Graylog v2.4:
- DEB or RPM packages are available in our repositories. Check our documentation for details
- Docker image
- OVA / Appliance
- Tarball (manual installation)
NEW DEFAULT PLUGINS
Beginning with the 2.4 release, we are shipping the following plugins by default. That means you don’t have to manually install and update them anymore. The plugins also got moved from graylog-labs into our official Graylog organization on GitHub.
- AWS Plugin – https://github.com/Graylog2/graylog-plugin-aws
- Threat Intelligence Plugin – https://github.com/Graylog2/graylog-plugin-threatintel
- NetFlow Plugin – https://github.com/Graylog2/graylog-plugin-netflow
- CEF Plugin – https://github.com/Graylog2/graylog-plugin-cef
QUICKVALUE WIDGET IMPROVEMENTS
We have three big improvements to our visualizations!
The feature we are most excited about and the most requested is stacking or grouping of data with another field! Within the UI, you can take a quick value result value and stack it against another field. For example, take a source address and then get a new result set with all destination addresses of this field. This is one of the top methods for threat hunting.
In addition, you can now sort the result set based on the field value or count. This is important for threat hunting where you often want to find the most common or uncommon values. (For example, suspicious network connections will usually be found in the top or bottom 5% of all connections made.)
Lastly, you can build a chart of the result set over time. The aggregated result that we previously offered only gave you a view into the “now.” With this improvement, you can now see “how have these values changed over time” to detect important changes or past outliers.
Please report bugs and any other issues in our GitHub issue tracker.
Please find the complete changelog in our documentation: