Threat Detection and Incident Response with MITRE ATT&CK and Sigma Rules

Being a security analyst tracking down threats can feel like being the Wile E. Coyote to an attacker’s Road Runner. You’re fast, but they’re faster. You set up alerts, but they still manage to get past your defenses. You’re monitoring systems, but they’re still able to hide their criminal activities…

Announcing Graylog 6.0.3

This is a bug-fix release that improves Graylog’s functionality. Please read on for information on what has changed. Download links: DEB and RPM packages are available in our repositories; container images for Graylog Open, Graylog Enterprise and Graylog Data Node; tarballs for manual installation: Graylog Server, Graylog Server…

Understanding The Cyber Resilience Act (CRA)

The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. Among its measures, the strategy proposed a revision of the Network and Information Security Directive, later adopted as Directive (EU) 2022/2555 on measures…

Announcing Graylog 5.2.8

This is a bug-fix release that improves Graylog’s functionality. Please read on for information on what has changed. Download links: DEB and RPM packages are available in our repositories; container images for Graylog Open, Graylog Enterprise and Graylog Data Node; tarballs for manual installation: Graylog Server, Graylog Server…

Announcing Graylog Illuminate v5.1

Released: 2024-06-06. Added: Symantec EDR, the Symantec Endpoint Detection and Response (EDR) Content Pack (1853). Symantec Endpoint Detection and Response is used to detect advanced attacks using machine learning and global threat intelligence to minimize false positives and help ensure high levels of…

Upgrade to Illuminate 5.1 for Enhanced Security Operations (Requires Graylog 6.0)

Hey everyone! We’re thrilled to announce the release of Illuminate 5.1, our latest update to the powerful Graylog Illuminate Content Pack. This version brings game-changing new features, especially with extended coverage for Symantec Endpoint Detection and Response (EDR)…

Alert Notice: OpenSearch V2.14

Please be advised that Graylog recommends not upgrading your OpenSearch cluster to version 2.14. Two known issues in that OpenSearch release affect Graylog: 1. Sporadic concurrent_modification_exception errors during queries. 2. Adding an aggregation to a search request changes the results. We are working with the OpenSearch Team…
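Before touching an upgrade, it is worth a quick, scriptable check of which OpenSearch version a cluster is actually running, so the 2.14 line can be caught in a pre-upgrade gate rather than noticed after the fact. The snippet below is an added example and not part of Graylog’s alert notice: it reads `version.number` from the node’s root endpoint (`GET /`), which OpenSearch returns as JSON, and flags anything in the 2.14.x line. The node URL and the embedded JSON response are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the Graylog alert): flag an OpenSearch node that
# runs the 2.14 release line, using only sh, sed and curl.

# Constructed sample of what GET / on an OpenSearch node returns.
SAMPLE_ROOT_RESPONSE='{
  "name" : "node-1",
  "cluster_name" : "graylog",
  "version" : {
    "distribution" : "opensearch",
    "number" : "2.14.0",
    "build_type" : "tar",
    "minimum_index_compatibility_version" : "1.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}'

# Read a root-endpoint JSON body on stdin and print version.number.
# sed instead of jq so the check runs on a bare host.
extract_version() {
  sed -n 's/^[[:space:]]*"number"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p' | head -n 1
}

# True (exit 0) when the version is in the advised-against 2.14.x line.
is_advised_against() {
  case "$1" in
    2.14|2.14.*) return 0 ;;
    *) return 1 ;;
  esac
}

# Query a live node; prints nothing if it is unreachable or returns an error.
fetch_version() {
  curl -fsS --max-time 5 "$1" 2>/dev/null | extract_version
}

# With a URL argument: check the live node (e.g. http://127.0.0.1:9200, an
# assumed address). Without one: check the constructed sample above.
# Exit status: 0 = fine, 1 = 2.14 line, 2 = version could not be determined.
main() {
  url=${1:-}
  if [ -n "$url" ]; then
    version=$(fetch_version "$url")
  else
    version=$(printf '%s\n' "$SAMPLE_ROOT_RESPONSE" | extract_version)
  fi
  if [ -z "$version" ]; then
    echo "could not determine OpenSearch version" >&2
    return 2
  fi
  if is_advised_against "$version"; then
    echo "OpenSearch $version is in the 2.14 line that Graylog advises against"
    return 1
  fi
  echo "OpenSearch $version is not in the 2.14 line"
}

# The non-zero status is the gate signal for CI or an upgrade playbook;
# it is ignored here so the stand-alone demo does not abort a set -e shell.
main "$@" || true
```

Run it with the node URL as the only argument and test the exit status in whatever drives your upgrade; the version string match is deliberately on the 2.14 line only, so 2.13.x and 2.15.x pass and the check has to be revisited once Graylog lifts the advice.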

Why API Discovery Is Critical to Security

For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called…

Top 3 scenarios in which managing multiple clusters with one OpenSearch Dashboards instance is a lifesaver

OpenSearch Dashboards, the visualization tool for your OpenSearch data, offers the multiple data sources feature. This feature enables you to consolidate and visualize data from various OpenSearch clusters within a unified dashboard. By integrating disparate sources into a single view, the multiple data sources feature streamlines data analysis workflows, eliminates…
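Enabling the feature is a small change in opensearch_dashboards.yml, with one setting a security engineer should not leave at its default. The fragment below is an added example, not text from the original post; the key names are the ones the OpenSearch Dashboards multiple data sources documentation uses as I know it, so verify them against your installed version, and the wrapping-key values are placeholders to replace.

```yaml
# opensearch_dashboards.yml (added example, not from the original post)

# Turn on the multiple data sources feature.
data_source.enabled: true

# Credentials for each registered data source are stored encrypted as saved
# objects; these three settings derive the wrapping key used for that
# encryption. Replace the placeholder values before production use and keep
# them identical on every Dashboards instance that shares the same saved
# objects index, otherwise one instance cannot decrypt what another stored.
data_source.encryption.wrappingKeyName: 'changeme'
data_source.encryption.wrappingKeyNamespace: 'changeme'
data_source.encryption.wrappingKey: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31]
```

Treat the wrapping key like any other secret: generate 32 random byte values rather than the sequential placeholder, keep it out of version control, and rotate it as a deliberate operation, since stored data-source credentials will have to be re-entered afterwards.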
