#GraylogLabs
Sliding Through Log-Time Space This post kicks off a new series written by the Graylog Development Team. In these updates, we’ll highlight the features and fixes that make daily work in Graylog smoother. We want to show the work we...

Next up for #GraylogLabs! We have a minor but functional enhancement to highlight for you—Graylog time-range stepping. To fix manual time-range adjustment limitations there are now 2 new time range nav buttons for stepping forward & backward through logs. ⬅️ ➡️ Learn more: graylog.org/post/sliding...

Caddy Webserver Data in Graylog Discover how to use Graylog 6.4 Illuminate to collect, parse, and analyze Caddy web server logs for enhanced security, insights, and troubleshooting

New from #GraylogLabs! Read up on the Caddy Webserver Content Pack that quickly turns raw logs into structured, searchable insights. It's available in Illuminate 6.4 & a Graylog Enterprise or #Security license + delivers ready-to-use parsing rules, streams & dashboards.

graylog.org/post/caddy-w...

Adversary Tradecraft: Exploitation of the SharePoint RCE Detect and investigate SharePoint RCE CVE-2025-53770 with indicators, log analysis, and tips to stop exploitation and protect systems.

#CVE202553770 & #CVE202553771 are critical remote code execution vulnerabilities impacting #Microsoft #SharePoint. In this blog we simulate the exploitation of this vulnerability & analyze the resulting telemetry inside #Graylog. graylog.org/post/adversa... #GraylogLabs #SharePointRCE #cybersecurity

17 Common Indicators of Compromise Indicators of compromise are the digital artifacts that attackers leave behind, giving security teams the forensic evidence for a security incident.

🔍 When #threatactors gain unauthorized access to systems they leave behind clues. 🕵 And your #security team needs to find them to mitigate risk. Indicators of compromise can be network-based, host-based, email-based, behavioral, or 3rd-party. 🤔 Learn more.👇
graylog.org/post/17-comm... #GraylogLabs

Adversary Tradecraft: Emulating Mustang Panda’s Use of MAVInject in Recent Campaigns Follow the Graylog Security Team as they show you how to detect Mustang Panda's Use of MAVInject Malware on Windows.

#MustangPanda has been combining legitimate components with malicious payloads to reduce likelihood of detection. Could you spot Mustang Panda’s use of MAVInject in a campaign? Here we emulate an infection chain & analyze the activity it produces in #Graylog. graylog.org/post/adversa... #GraylogLabs

Graylog Parsing Rules and AI Oh My! Graylog parsing rules can be tricky at times but in this blog you will find many ways to do this and also include the ability to use AI!

Getting log files into #Graylog is easy. 👍 But, it can be hard to set up parsing rules for your logs. 😓 What should you do when you have a log source that does not fall into one of the parsed out-of-the-box categories?

Find out, in this #GraylogLabs post. graylog.org/post/graylog... #cybersecurity

Getting Ready with Regex 101 Regex, short for regular expressions, is a syntax used to define search patterns when matching and manipulating strings. Let's look at it!

Just in time for your leisurely weekend reading we have our latest #GraylogLabs post!🕺🎉 Dive in & learn about regex patterns. Including:

🤔What regex means
❓What a regex function is used for
🖊️Writing a regular expression
✔️Using regular expressions

graylog.org/post/getting... #cybersecurity #infosec

Let's talk about why it's important to have accurate log message timestamps!

Read this #GraylogLabs article to learn about the problems that incorrect timestamps can create, several common causes of log message timestamp issues, and more. 🕗 🤔 t.co/SMyTv063PT #Graylog #cybersecurity #infosec

Critical Windows Event ID's to Monitor Microsoft offers a wide array of business critical technology solutions and logging capabilities to help manage security which can become overwhelming. This list of critical Event IDs to monitor can h...

As you build out your #security program, it's important to know about some of the more critical #Windows Event IDs to monitor & what they mean.🤔

This #GraylogLabs post covers:
✔Logon events
✔Privilege use
✔Windows Server
✔Microsoft Defender Antivirus

graylog.org/post/critica... #cybersecurity

Load Balancing Graylog with NGINX: Ultimate Guide In this guide you will gain insight into the configurations necessary to load balance a Graylog cluster with the ever-popular Nginx load balancer.

Enhance your #Graylog with the @nginx.bsky.social load balancing capability, to ensure peak performance!⛰💯

#NGINX will ensure that your Graylog cluster isn’t over-taxed, kind of like a well-organized team in which work is evenly distributed.🙌

graylog.org/post/load-ba... #GraylogLabs #cybersecurity

Graylog Parsing Rules and AI Oh My! Graylog parsing rules can be tricky at times but in this blog you will find many ways to do this and also include the ability to use AI!

Lions & tigers & #AI? Oh my? 🦁/🐯/✖🐻✔🤖
In the log aggregation game, the biggest difficulty you face could be setting up parsing rules for your logs.😓

But, don't worry! This #GraylogLabs guide provides useful examples & links to the primary methods of parsing logs.
👇👀

graylog.org/post/graylog...

Critical Windows Event ID's to Monitor Microsoft offers a wide array of business critical technology solutions and logging capabilities to help manage security which can become overwhelming. This list of critical Event IDs to monitor can help you get started.

#Cyberattackers are just as invested in the #Microsoft ecosystem as they are in any other ecosystem. ☠️ 😒

👀 So, let's take a look at some of the more critical Windows Event IDs to be monitoring, plus what they mean. 👍👇

graylog.info/4852u6k
#cybersecurity #security #GraylogLabs
