Open Source Logging: Getting Started with Graylog Tutorial

Connecting With Us
---------------------------------------------------

Lawrence Systems Shirts and Swag
---------------------------------------------------

AFFILIATES & REFERRAL LINKS
---------------------------------------------------
Amazon Affiliate Store

UniFi Affiliate Link

All Of Our Affiliates that help us out and can get you discounts!

Gear we use on Kit

Use OfferCode LTSERVICES to get 5% off your order at

Digital Ocean Offer Code

HostiFi UniFi Cloud Hosting Service

Protect your privacy with a VPN from Private Internet Access

Patreon

⏱️ Timestamps ⏱️
0:00 Getting Started With Graylog
1:46 Open Source vs Enterprise
3:42 Installing Graylog
5:06 How Graylog Processes Data
8:18 Configuring Syslog Inputs
9:52 Graylog Extractors for pfsense
12:04 Configuring Graylog Streams
17:28 Creating New Graylog Indices
18:12 Creating New Graylog Inputs
20:31 Creating New Graylog Streams
26:06 Finding Data & Parsing Logs
30:11 Resource Usage
Comments

Hey, we are doing some YouTube clean up and just came across the video! What a great tutorial! Thanks for taking the time to make it :)

Graylogvideos

Thank you,
I spent lots of time configuring ELK from scratch, but the work Graylog has done is awesome; it's simple and does the job well.
Thank you for showing this.

mjgritli

I keep referencing this video again and again. This is a great beginner level tutorial to basics of getting logs into Graylog, separating them into streams, and searching through logs with Graylog.

earthling_parth

I was hung up on how to identify and separate out logs for a project/application once I send the logs from FluentD to Graylog. Your explanation of streams/indices/rules helped clear up that confusion. Thank you so much <3

earthling_parth

I've been using Graylog at many of my customers for a few years now. Excellent product. I've been able to set up some really informative dashboards and alerts. It works well after you make a few tweaks. One thing I found is to make sure to adjust the heap size to get good performance. Other than that, it works great. We are ingesting Windows logs, NAS storage logs, WiFi AP logs, firewall and switch logs and VMware logs. The difficult part is narrowing down the scope of the data to the things you really need, but once you have it you can build dashboards that provide concise information. I have been using the grok patterns to categorize data from firewalls and it helps to build more informative dashboards and allows greater flexibility in presenting the data. Excellent tutorial.

sheepdgonwatch

I’ve played around a bit now and I’ve found you can really set a single “syslog” input for multiple servers. Then you create the index and streams. But when you create the stream “rule”, you can use the “gl2_remote_ip” field to only filter by certain syslog sources. So for pfSense, it would be the router. And for any unifi devices, it’s the IP of the device itself (AP, switch, etc). You can set the stream to be a so for device, or a group. This way you don’t have to have a separate input with a unique port number for EVERY remote server :)

willblanton

I've been dragging my feet for about a year now on making a decision with respect to log aggregation from a handful of proxies I manage all over the world. I checked this video out and decided to give Graylog a try and I absolutely love it! The install is super, super easy and I had a Graylog instance running and ingesting data from several of my proxies within 2 hours. Now it's just a matter of tweaking queries and dashboards to let me see precisely what I need. Awesome video, as always, Tom - I for sure would have spun my wheels on the streams / indices / extractors / etc!

loupalladino

Thank You Tom. I am looking at implementing Graylog in my home network and your video content was very helpful!

nlay

Thank you for showing this piece of software. I was working on setting up an ELK stack for just syslogs and it has been a few days of utter failure, making me question my chosen profession and my proficiency at it. I have chosen to take a different route for logs because of the sheer admin cost. It's just two of us for 4500+ customers and 100 employees.

FireBean

I’ve just been thinking about how there must be something like this out there. Thank you! I’ll play with this!!

bobbinatorrah

I set this up in 2016, we had 3 customers all sending logs to centralized Graylog server; it was fun!

MicheeNzamununu

Thanks! This video helped me to get Graylog to start seeing incoming data.

blackranger

Thanks for the great video! I have been wanting to get into Graylog for a while, and this video finally got me to get off my butt. Still trying to figure it all out, but this was a great start. I was able to very easily set up the free enterprise license since it seems highly unlikely I will be ingesting over 5 GB/day in my homelab.

bamhm

So helpful! Great tutorial! New sub here.
Greets from Uruguay.

Mister_Morise

Been wanting to move away from Splunk for a while, thanks for hitting the high points!!

brandonbrooks

Ran a Graylog VM and couldn't figure out why it wouldn't ingest my ESXi, TrueNAS and NetScaler logs. I imagine it was the extractor, stream, index architecture that I didn't understand. Great job of addressing that up front and not just going through a procedural next, next, next configuration.

russellbaker

Thanks again for another really good breakdown using real world and human understandable examples.

quebirt

This is Great Tom. I have been looking for this video on this topic. Thanks.

adancalderon

Thanks for this video Tom! I was just starting to work on this. I’d love to see a video that is specifically about getting Suricata logs into Graylog if that’s something you’re interested in!

ZAndrsn

I think I'll need to give this a try - a challenge is that my incoming logs may not be easily structured, they combine different logging formats into a single file and often have stack traces interspersed. I mostly just need a log system that can detect & count certain types of messages over time, and where I can flip through the logs from different services easily.

Matthew-eups