graylog

Posts: 2

Graylog and Cylance Protect Integration

Whitney Champion on devops, graylog, operations, secops, cylance, logging, api, security | 23 Dec 2019

TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did it. Since we had never integrated with their API before, we were looking at a lot of unknowns. Searching GitHub uncovered a huge win. Lucky for us, someone had already…

Automating Graylog Pipelines

Whitney Champion on graylog, ansible, devops, python, security, automation, secops, continuous integration, dfir | 18 Jun 2019

Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our pipeline rules in our Graylog environment. Because of this, they are constantly changing, growing, being tuned, and ultimately becoming more effective over time at detecting anomalous activity.…