From Alert Fatigue to Focused Response: A New Way Forward for The SOC

We’re all exhausted—both by the problem and by hearing about it. False positives and overwhelming alert volume have long plagued security operations. And despite years of innovation, solutions have remained elusive. Alert volume. Alert fatigue. SOC burnout. This persistent problem puts security teams in a tough position: Enable a broad set of detections to catch […]

Announcing Graylog 6.2.1

This is a bug-fix release that improves Graylog’s functionality. Please read on for information on what has changed. Download Links Release date: 2025-04-28 Upgrade notes DEB and RPM packages are available in our repositories Docker Compose Container images: Graylog Open Graylog Enterprise Graylog Data Node Tarballs for manual installation: Graylog Server Graylog […]

Announcing Graylog 6.2

This is a bug-fix release that improves Graylog’s functionality. Please read on for information on what has changed. Download Links Release date: 2025-04-28 Upgrade notes DEB and RPM packages are available in our repositories Docker Compose Container images: Graylog Open Graylog Enterprise Graylog Data Node Tarballs for manual installation: Graylog Server Graylog […]

Introducing Graylog 6.2: A SIEM Without Compromise

What does it really mean to have a SIEM Without Compromise? For too long, security teams have been stuck in a no-win game—forced to choose between visibility and cost, detection breadth and team capacity, automation and control. Every decision felt like a trade-off, with real-world consequences: dropped logs, missed alerts, and inconsistent response when it […]

IoT Sensor Data into Graylog: A Lab Guide

IoT Sensor Data into Graylog: DIY Lab Guide with an ESP32 Board

Graylog has always been associated with log management, metrics, SIEM and security monitoring—but it’s also a great tool for creative, low-cost experiments in a home lab. I wanted to use it for real-world sensor data, so I built a DIY temperature and humidity monitor using an ESP-WROOM-32 development board and a DHT22 sensor. This project […]

Announcing Graylog 6.1.10

This is a bug-fix release that improves Graylog’s functionality. Please read on for information on what has changed. Download Links Release date: 2025-04-03 DEB and RPM packages are available in our repositories Docker Compose Container images: Graylog Open Graylog Enterprise Graylog Data Node Tarballs for manual installation: Graylog Server Graylog Server (bundled […]

Graylog Testing IPoAC for Redundancy

RFC1149 (IPoAC) for Ultra-Resilient Log Delivery

In modern distributed environments, where systems are spread across continents and uptime is non-negotiable, the need for robust, fault-tolerant log transport mechanisms has never been greater. At Graylog, we are committed to ensuring that your observability infrastructure can handle even the most extreme network disruptions—planned or otherwise. This is […]

Adversary Tradecraft: Emulating Mustang Panda’s Use of MAVInject in Recent Campaigns

Detecting Mustang Panda's Use of MAVinject

In cybersecurity, old tactics rarely die — they just get repackaged. Attackers continue to revive long-standing techniques, dressing them up with minor tweaks to stay effective. Living Off the Land Binaries (LOLBins) are a prime example: legitimate Windows tools repurposed for malicious ends. Despite being around for decades, these methods still work — often because […]

Understanding Cybersecurity for SCADA

Understanding Cybersecurity for SCADA Networks

Industrial facilities increasingly rely on interconnected systems to improve operations. As they implement these technologies into their legacy environments, they create new cybersecurity risks within previously isolated Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) by connecting them to public internet-facing applications. To protect the ICS and SCADA systems from cyber […]

3CX VoIP Call Detail Records In Graylog

Call Detail Records to Graylog Help Troubleshoot Network Issues

Even with the rise of high-speed networks and sophisticated monitoring tools, VoIP Call Data Records (CDR) remain an essential resource for troubleshooting and optimizing bandwidth usage. These records provide a granular view of call quality, latency, jitter, and packet loss—critical factors that directly impact voice performance. While real-time monitoring solutions can detect immediate issues, CDRs […]

Monitoring for PCI DSS 4.0 Compliance

Any company that processes payments knows the pain of an audit under the Payment Card Industry Data Security Standard (PCI DSS). Although the original PCI DSS had gone through various updates, the Payment Card Industry Security Standards Council (PCI SSC) took feedback from the global payments industry to address evolving security needs. The March 2022 […]

How I used Graylog to Fix my Internet Connection

In today’s digital age, the internet has become an integral part of our daily lives. From working remotely to streaming movies, we rely on the internet for almost everything. However, slow internet speeds can be frustrating and can significantly affect our productivity and entertainment. Despite advancements in technology, many people continue to face challenges with […]