Today we are officially releasing Graylog v3.3.2.

The release includes a Graylog Enterprise update to the Palo Alto input as well as bug fixes that improve the functionality of Graylog. Please read on for detailed descriptions of the update and bug fixes.

Many thanks to our community for reporting issues and contributing fixes!

DOWNLOAD LINKS

– Graylog Server

– Graylog Enterprise

– Graylog Integrations

– Graylog Enterprise Integrations

Please report bugs and any other issues in our GitHub issue tracker. Thank you!

UPDATE: PALO ALTO INPUT TO SUPPORT PAN-OS V9.X DEVICES

More visibility into the Palo Alto Ecosystem

The Palo Alto input is getting a makeover in v3.3.2. Our customers were asking for v9.0 and above support. We responded with a significant update to the existing input.


The Palo Alto input update covers most, if not all, of the standard minefields in the network landscape. It now maps Correlation, GlobalProtect, HIP, and Config. These 4 add to the 3 existing feeds (Traffic, Threat, and System), making a total of 7 feeds mapped to the GL schema.

The best part about this Palo Alto input update is that it eliminates hours or even days spent on painstaking, manual investigation of network logs. Graylog ingests the Palo Alto logs, parses them out, and presents them in an easy-to-search format. With this Palo Alto update, data exploration and threat hunting will become ridiculously fast in v3.3.2. Teams can spend minutes instead of hours or days investigating the logs.

GRAYLOG ENTERPRISE 3.3.2

FIXED

  • Fix message table headers in reports.

GRAYLOG 3.3.2

CORE

CHANGED

FIXED
