Every Organization Needs Centralized Logging

Eric Capuano

Oct 18, 2022 6:03:30 PM

Logs are on the systems, why do I need this? Because Digital Forensics & Incident Response is...

Detecting Threats with Graylog Pipelines - Part 3

Eric Capuano

Jan 15, 2021 2:14:00 PM

Now that we've normalized and enriched our events, let's get into the actual threat detection logic...

Detecting Threats with Graylog Pipelines - Part 2

Eric Capuano

Jan 4, 2021 5:01:00 PM

In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog –...

Detecting Threats with Graylog Pipelines - Part 1

Eric Capuano

Dec 31, 2020 5:16:00 PM

If you are here hoping to learn more about using Graylog for the purpose of monitoring the security...

Camp COVID - A Recap

Whitney Champion

Apr 17, 2020 11:40:00 AM

Let me first say, on behalf of the Recon team, we cannot thank the community enough for joining us...

Automating Detection Coverage Analysis with ATT&CK Navigator

Brian Greunke

Feb 13, 2020 1:52:00 PM

Staying on-top of the latest adversarial methodologies means quickly adjusting to new TTPs and...

Integrating Graylog With TheHive

Whitney Champion

Jan 31, 2020 2:11:00 PM

If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)

Graylog and Cylance Protect Integration

Whitney Champion

Dec 23, 2019 2:37:00 PM

TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...

Automating Graylog Pipelines

Whitney Champion

Jun 18, 2019 3:02:00 PM

Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...

Geolocation via Pipelines in Graylog

Megan Roddie

Aug 21, 2018 4:10:00 PM

To the delight of most Graylog users, geolocation is automatically built into the platform via the...