Graylog
Overview
The Overview dashboard displays visual metrics concerning some of the most commonly investigated log data, including logon attempts, logon failures, message counts, etc.
Graylog NSPECT Small
99$ Every month
State Of the Art Log and SIEM
Features
- 120 GB Log Space
- Graylog NSPECT Parsers for most popular data sources
- Customizable Dashboards
- Powerful Search Capabilities
- Open Source
Rapid Threat Hunting
Hunt malware, hacks, and phishing with Graylog's integrated search and workflow.
Compliance Reporting
Stay on top of ever-changing regulatory compliance obligations.
Extensive SIEM Capabilities
Graylog enhances security, visualizes alerts, and streamlines incident management.
Identify Malicious Activity
Find threats in diverse data sources and enhance security posture.
01
Correlation Engine
02
Audit Logs
03
Content Packs
04
Reporting
Graylog monitors all logs as they enter the system and, based on defined event and alert rules, moves the logs of interest out of the noise into their own Elasticsearch index.
Graylog activates the MongoDB audit log feature when the Enterprise functionality is enabled, and starts recording to the local database immediately. Every new action taken by administrators is recorded and put into a window for searching and exporting in case it is needed.
Graylog reports are extremely easy to build and configure, leveraging our Dashboard functionality to provide the scheduled reports you need. Because of this, you already have built-in chart types, relative time frames, and sophisticated target data rules.
Content Packs are collections of pre-built inputs, processing intelligence, display templates, and outputs (Alerts and Report). Content Packs were created to share configurations for popular types of devices, making the setup and configuration of these devices quick and consistent.