Houston, TX, USA
2013
  |  By Jeff Darrington
If you’re running Windows in your environment, WinRM is one of the most valuable, and most abused channels in your infrastructure. Graylog provides a purpose-built way to make those logs immediately actionable. The Microsoft WinRM Content Pack, available with an Illuminate license and Graylog Enterprise or Graylog Security, delivers ready-to-use parsing rules, streams, GIM categorization, and a dashboard so you can turn raw WinRM operational events into structured, searchable security intelligence.
  |  By The Graylog Team
Every day, service organizations handle sensitive customer information covered by data protection laws and subject to security compliance requirements. In the business-to-business world, customers require that their vendors provide validation and assurance over their privacy and security controls, typically asking for independent third-party attestations and reports.
  |  By Jeff Darrington
When 48 teams, 104 matches, 16 host cities, and a broadcast audience approaching half the planet converge across six weeks, something else converges at the same time: opportunity for the people trying to exploit it. The 2026 FIFA World Cup is the most complex digital event in history, and the security challenge it creates is not limited to the tournament organizers.
  |  By Jeff Darrington
Picture Singapore’s largest telecommunications network. It carries the financial transactions, emergency communications, and government data of a city-state of nearly six million people. Now picture that infrastructure silently infiltrated for months by a state-linked espionage group, undetected until the telcos’ own security teams found it.
  |  By Jeff Darrington
As cyber threats targeting critical infrastructure continue to evolve, the energy sector remains a prime target for malicious actors. Protecting the electric grid requires a strong regulatory framework and robust cybersecurity monitoring practices. In the United States, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) play key roles in safeguarding the power system against cyber risks.
  |  By Jeff Darrington
At 3am, you wake up in a cold sweat from a nightmare. The dream? You showed up to test for your most difficult class without having studied. Unprepared, your dream self sat in an uncomfortable desk, staring at a piece of paper and panicking. In the corporate world, an audit can induce the same sense of anxiety and distress.
  |  By Jeff Darrington
Picture a cybersecurity team responsible for protecting a classified military installation in a remote operational theater. No internet connection. No cloud services. Classified and unclassified networks running on physically separate infrastructure. Their security information and event management system has to detect threats, correlate events, and generate alerts with zero external connectivity, for the entire deployment. That is not a compliance checkbox. It is a physics problem.
  |  By The Graylog Team
Analyst reports tell you what vendors do. Peer reviews tell you whether it actually works. The Gartner Peer Insights Voice of the Customer for SIEM is built on verified reviews from real security and IT practitioners who bought, deployed, and operated the platforms they rated. No vendor involvement in the scoring. No pay-to-play placement. Just practitioners saying what worked and what did not. Graylog was included in the 2026 edition of that report. Here’s what our users said.
  |  By Jeff Darrington
When people start driving, one of the first things they learn is how to set the rear-view and side-view mirrors. Whether driving locally or on the highway, these mirror configurations reduce accident risk because they improve the driver’s visibility into the cars behind and around them. In the cloud, various technical configurations act similarly.
  |  By Jeff Darrington
In 2023, India’s Parliament approved and published The Digital Personal Data Protection Act (DPDPA). In many ways, the DPDPA is similar to other regulations, like the General Data Protection Regulation (GDPR). It establishes a similar data subject, or in this case Data Principal, rights of notice, consents, access, correction, and erasure. In other ways, the DPDPA creates unique definitions of and requirements for organizations that collect, process, and share personal information.
  |  By Graylog
Lean security teams don't need a smaller version of an enterprise SOC. They need a different approach entirely. Graylog Director of Product Management, Rich Murphy, joins Logs and Lattes to explain why 2-to-4-person security teams are the most underserved segment in cybersecurity and what needs to change.
  |  By Graylog
Most folks build their SIEM the same way they load a junk drawer: by shoving in whatever they already have—Active Directory, firewalls, and a whole lot of “eh, why not.” But at Graylog, we think you deserve better than a glorified log toilet. In this talk, we’ll flip the script: start with the problems you’re actually trying to solve, then figure out what you need to know, then what data supports that. And with Graylog’s Intelligent Data Routing, you can now act on that plan—sending high-value data to hot storage and archiving the rest to standby storage for when (and if) it’s needed. Build your SIEM like it has a brain—and a budget.
  |  By Graylog
Follow Joel Duffield while he talks about why some systems just don’t want to be logged. Whether it’s your backup tool that only sends email alerts, your budget IoT device that wasn’t built for enterprises, or that one SaaS app stuck on the free tier—there’s no clean way to get their messages into your SIEM.
  |  By Graylog
Lean security teams operating in hybrid and regulated environments are not just fighting threats. They are fighting time. When evidence is scattered across email, identity, VPN endpoints, cloud, and network tools, even a solid detection means nothing if triage slows to a crawl. In this episode of Logs and Lattes, host Palmer Wallace and Graylog Solutions Architect Kyle Pearson break down the top ten security threats hybrid organizations are actually dealing with in 2026 and the single common failure behind most of them: fragmented telemetry that delays investigation when it matters most.
  |  By Graylog
Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.
  |  By Graylog
Security teams spent 2025 operating at maximum load. Alert volume kept rising, analysts pivoted across too many tools, AI arrived faster than governance could support, and cloud costs shaped what data teams felt safe keeping. In this episode of Logs and Lattes, host Palmer Wallace and Jeff Darrington break down what actually happened inside real SOCs and how those lessons are already guiding 2026.
  |  By Graylog
How much value are you really getting from your logs, and what are you giving up to stay on budget? In this episode of Logs and Lattes, host Palmer Wallace sits down with Seth Goldhammer, VP of Product Management at Graylog, for a candid conversation about the hidden cost of traditional SIEM pricing. Seth explains how ingest-based and resource-heavy licensing models pressure security teams into tough tradeoffs, such as dropping logs, tuning down detections, or limiting retention just to avoid budget overages.
  |  By Graylog
Graylog earned recognition from both Gartner and GigaOm, and it is reshaping how teams think about SIEM. In this episode of Logs & Lattes, host Palmer Wallace talks with Kimber Spradlin, Chief Marketing Officer at Graylog, about what this dual recognition means for customers, analysts, and the future of security operations.
  |  By Graylog
Graylog earned recognition from both Gartner and GigaOm, and it is reshaping how teams think about SIEM. In this episode of Logs & Lattes, host Palmer Wallace talks with Kimber Spradlin, Chief Marketing Officer at Graylog, about what this dual recognition means for customers, analysts, and the future of security operations.
  |  By Graylog
Security teams are overwhelmed by alerts, but which ones really matter? In this episode of Logs & Lattes, host Palmer Wallace talks with Rich Murphy, Senior Product Manager at Graylog, about how smarter security operations help teams cut through the noise and focus on what truly reduces risk. From alert fatigue to risk-first response, they unpack practical ways to prioritize real threats, automate with context, and make incident response faster and more effective. Learn how modern SOCs are evolving beyond alert overload to focus on meaningful, risk-based action.
  |  By Graylog
When it comes to security data enrichment, it's helpful to think beyond threat intelligence. This white paper explores viable standard and advanced third-party intelligence enrichment sources that are often overlooked.
  |  By Graylog
In this guide, what to consider when selecting a source of threat intelligence and how to make threat intelligence work for your organization.
  |  By Graylog
When alerts go unheeded or don't deliver next steps on how to mitigate threats, SIEM can become an expensive and ineffective tool.
  |  By Graylog
This paper examines the critical criteria to consider when evaluating tools for managing your data. There are compelling reasons why Graylog is the best choice for log management and analysis.
  |  By Graylog
The previous data protection directive passed long before the Internet became the primary marketplace for businesses. In light of recent data and privacy issues, consumers demand higher standards for more security.

Graylog is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data. We deliver a better user experience by making analysis ridiculously fast and efficient using a more cost-effective and flexible architecture. Thousands of IT professionals rely on Graylog's scalability, comprehensive access to complete data, and exceptional user experience to solve security, compliance, operational, and DevOps issues every day.

Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can find meaning in data more easily and take action faster.