Big Data Analysis

Announcing Graylog Illuminate v5.1

Graylog Illuminate 5.1. Released: 2024-06-06. Added: Symantec EDR: Symantec Endpoint Detection and Response (EDR) Content Pack (1853). Symantec Endpoint Detection and Response is used to detect advanced attacks using machine learning and global threat intelligence to minimize false positives and help ensure high levels of…


Announcing Graylog 5.2.8

This is a bug-fix release that improves Graylog’s functionality. Please read on for information on what has changed. Download links: DEB and RPM packages are available in our repositories. Container images: Graylog Open, Graylog Enterprise, Graylog Data Node. Tarballs for manual installation: Graylog Server, Graylog Server…


Understanding The Cyber Resilience Act (CRA)

The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. The strategy included updates to Directive (EU) 2022/2555 on measures…


Upgrade to Illuminate 5.1 for Enhanced Security Operations (Requires Graylog 6.0)

Hey everyone! We’re thrilled to announce the release of Illuminate 5.1, our latest update to the powerful Graylog Illuminate Content Pack. This version brings game-changing new features, especially with extended coverage for Symantec Endpoint Detection and Response (EDR)…


Why API Discovery Is Critical to Security

For Star Trek fans, space may be the final frontier, but in security, discovering Application Programming Interfaces (APIs) could be the technology equivalent. In the iconic episode “The Trouble with Tribbles,” the legendary starship Enterprise discovers a space station that becomes overwhelmed by little fluffy, purring, rapidly reproducing creatures called…


Alert Notice: OpenSearch V2.14

Please be advised: Graylog suggests not upgrading your OpenSearch cluster to version 2.14. Two issues in OpenSearch cause specific problems: 1. Sporadic concurrent_modification_exceptions during query (link). 2. An additional aggregation in the search request changes results (link). We are working with the OpenSearch Team…


OpenSearch Project update: A look at performance progress through version 2.14

OpenSearch covers a broad range of functionality for applications involving document search, e-commerce search, log analytics, observability, and data analytics. All of these applications depend on a full-featured, scalable, reliable, and high-performance foundation. In the latest OpenSearch versions, we’ve added new features such as enhanced artificial intelligence and machine learning…


Visualizing data from multiple data sources with TSVB and Vega

The multiple data sources feature gives users the capability to visualize data from various OpenSearch clusters. To date, only certain visualization types have been available. With the release of OpenSearch Dashboards 2.13 and 2.14, the multiple data sources feature is now compatible with Vega and Time-Series Visual Builder (TSVB)…


Developer guide: Integrating multiple data sources using OpenSearch Dashboards and plugins

OpenSearch introduced support for multiple data sources in version 2.4, allowing users to explore, visualize, and manage data from self-managed clusters and Amazon OpenSearch Service. In version 2.14, OpenSearch Dashboards plugins have been integrated to support multiple data sources. Users can now access data from remote clusters within OpenSearch Dashboards…
