Are You Protecting the Right People in Your Organization?
If your security priorities still center on CVSS scores and device vulnerabilities, you’re missing a significant piece of the risk puzzle. People. Attackers aren’t following your org chart. They’re targeting whoever gives them access. Enter the concept of Very Attacked People (VAPs): individuals in your environment who attract the most persistent, targeted attacks. And they’re […]
Bringing GitLab Logs into Focus with Graylog
GitLab’s audit logs offer a goldmine of insights into user activity, project changes, and security events. Getting that data into Graylog for centralized analysis is easier than you might think—especially with the flexibility of our Raw HTTP input and Illuminate’s GitLab Spotlight Pack. In this two-part guide, we’ll walk you through how to get it […]
Improving Security with Blue Team Exercises
In many sports, but especially soccer, a team has a set of offensive players and defensive players. The offensive players look for ways to compromise the opposing team’s defenses, seeking to get the ball in the goal. Meanwhile, the defenders work hard to push back against the opponent’s offensive line to clear the ball from […]
Unlock Email Threat Visibility with Mimecast and Graylog
Email threats aren’t slowing down. From credential phishing to malware-laced attachments, email remains one of the most exploited entry points for attackers. If you’re already using Mimecast to help mitigate that risk, you’re ahead of the curve — but raw log data only gets you so far. Starting with Graylog 6.2.3, you can pull logs […]
17 Common Indicators of Compromise
On a sunny summer vacation day, your childhood self is running around a playground looking everywhere for a small piece of paper as part of a treasure hunt. Each clue you find leads to another, then another, until you finally locate the hidden treasure. Investigating a security incident is similar to this process, but instead […]
Graylog Academy: Free On-Demand Training Available

Free Online Graylog Analyst Training. Efficient log management and analysis are crucial for maintaining robust IT infrastructures. To empower IT professionals and enthusiasts with the skills needed to harness the power of log data, sign up at the Graylog Academy and take our Free Online Graylog Analyst Training! Why Graylog? Graylog is a […]
Announcing Graylog 6.3
What’s New in Graylog: Enhanced Security, and More. Release date: 2025-06-30. Graylog 6.3 introduces several enhancements aimed at improving data management, security operations, and authentication processes. Detection Chains as Evidence: Every detection chain is now automatically added as evidence in an investigation. That’s one less manual step and a lot more context […]
Security Notice Update #1
Graylog Security Notice – Escalated Privilege Vulnerability. Date: 24 June 2025. Severity: High. CVE ID: submitted, publication pending. Product/Component Affected: All Graylog Editions – Open, Enterprise and Security. Summary: We have identified a security vulnerability in Graylog that could allow a local or authenticated user to escalate privileges beyond what is assigned. This issue […]
7 SIEM Configurations To Improve Your Time to Value
Whether you’re an Apple fan or not, one of the reasons people buy into their ecosystem is ease of setup across different devices. In a world where people customize the applications on their laptops to cross over with their mobile phones, an easy setup is a key to getting the most value from their devices. […]
Telemetry: What It Is and How it Enables Security
If you have ever built a LEGO set, then you have a general idea of how telemetry works. Telemetry starts with individual data points, just like your LEGO build starts with a box of bricks. In complex IT environments, your security telemetry is spread across different technologies and monitoring tools, just like in a large […]
Getting OpenTelemetry Data Into Graylog
OpenTelemetry is emerging as the common framework for collecting observability data, and for good reason. It’s vendor-neutral, open source, and designed to collect traces, metrics, and logs in a consistent way. But while most of the buzz is around tracing and metrics, let’s not forget: logs are still the backbone of investigation and response. That’s […]
The Importance of Triage in Incident Response
Gamers of a certain age likely remember the video game Asteroids. You played as a little triangular spacecraft shooting at big space rocks that started traveling towards you slowly at first, then gained speed. As you revolved around trying to protect yourself by shooting them, you inevitably had to make some rapid decisions about which […]