Hi,
I am new to Graylog.
Is it possible to see real time TCP/IP connections, in my case traffic coming from Firewall.
Thank you
Sure, if you can send real time traffic info in text format from firewall to Graylog 
IMHO Zabbix or Nagio are better for this.
Should be possible,
You can start here at this video on system monitoring.
If you can get the intel you want in a log file and send it to graylog, you can monitor what you want in near real time.
@heidfild honestly, your use case sounds more like a classical one for monitoring, not log management. There are NUMEROUS tools that will do this. Like @Karlis said, Zabbix and Nagios are two. I think you’d be hard-pressed to monitor live traffic on a firewall through Graylog.
1 Like
Yes and no, the tools referred to are becoming more and more old school but are still fine to use. But with elastic beats it can be done, getting realtime data every second if wanted, something that cannot me done, at least with free versions of monitoring systems.
Beats can be part of real time security analytics solutions these days. Downside it needs a lot of configuration to use, creating a pages for any individual system.
Thank you all for your suggestions. I will check those tools.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.