Cisco Security and Graylog

How Graylog and Cisco Security work together

Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. We deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture. Thousands of IT professionals rely on Graylog’s scalability, comprehensive access to complete data, and exceptional user experience to solve security, compliance, operational, and DevOps issues every day. Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can quickly and easily find meaning in data and take action faster.

Product Integrations

  • SecureX Threat Response: The Graylog integration lets users investigate an observable and determine whether it is contained in a log message stored in Graylog. It provides users with the date and time the observable was seen in the log, the node that received the log, the log source, and the raw log messages. The integration can query IPv4, IPv6, SHA-1, SHA-256, MD5, domain, URL, file path, user, and email data types, and it returns sightings of an observable from each log message. It also lets users pivot into Graylog to search for an observable in all the log messages: it opens a new browser window in the Graylog user interface containing the results of the search on the log messages that contain that observable.

Useful links