Cyber Defense with MITRE Framework | Graylog + SOC Prime | On-Demand Webinar >> ​


In this video, we will go over dashboards, a useful Graylog feature to visually represent your data through different graphs and charts.


In order to start creating a dashboard, you should go on your menu and select the “Dashboard” panel. Now click on the “create dashboard” button to select the title and description. If you click on the newly created dashboard name, you will see it’s empty, so you need to find data to put inside it


Go to the “Streams” panel and search whatever dataset you find most convenient to use. In our example, since we’re creating a dashboard reporting Firewall Data, we’re going to use data from the Netflow stream. Since we don’t want to use all the fields found in this stream, we will choose just a few ones. In the video, we select bytes, to know about bytes coming in and out of the firewall, by selecting the “Fields” item and writing down the word we want to search for. Now, click on it to open a menu to show a specific item – in this case, charts.

Now click on “Customize” in the selected graph to change your visualization options. For example, you may prefer to see a line chart that reports a sum of all data available at a minute-level resolution. You can also select a different timeline during which your data was stored, such as the last 8 hours instead of the last five minutes by clicking on the top left menu. Now click on the “Add to dashboard” button, and select the name of the dashboard you created before. You can specify a name for this particular data set coming from this stream to be injected on the dashboard. In the video, we’re going to add geolocalization data as well.


Go back to the Dashboard panel, and select your newly created dashboard to find that all the data coming from your streams has just been injected. Once here, you can click on the “Unlock/Edit button” to freely drag and drop these items around. If you click on the “Update in background” button, you will refresh the data constantly to make sure you keep visualizing the most current data available. When you’re finished, click on the “Lock” button once again. You can also assign those dashboards to individual users so they all have the same view.

We hope that this video showed you how easy it is to create a dashboard to view that data and the different types of widgets you can create. Happy logging!