Graylog Labs - Risk Based Alerts Using Lookup Tables

jim_dawson · February 14, 2023, 11:08am

Hey everyone,

Hope you’re all having a great day!

I’m sharing a blog post I’ve written that walks through how to use Lookup Tables as part of Event Definitions. It’s a super powerful way to expand the Alerting capabilities inside of Graylog, particularly in making them more dynamic. I hope you find it an interesting read and let me know if you have any feedback!

Blog post - Risk Based Alerts Using Lookup Tables

Jim

dscryber · February 14, 2023, 4:26pm

Hey, @jim_dawson ,

A big Graylog Community Thank you!

We’re asking members for content, and it’s great to have a blog entry from you!

Members, Be sure to read Jim’s blog and post comments, questions, or your own blog entry!

Topic		Replies	Views
Do lookups only for messages that trigger alerts Graylog Central (peer support)	2	281	September 3, 2021
Graylog Advance Rules and Dynamic Lookup Graylog Central (peer support) pipeline-rules	4	734	February 25, 2019
Dynamic Lookup Tables and Compare Timestamps with each other to create a notification Graylog Central (peer support)	1	31	July 23, 2024
Blacklist messages based on multiple conditions Graylog Central (peer support)	1	557	October 31, 2018
Webinar on Graylog 3.1 release Updates and Upcoming Events	1	971	June 21, 2021

Graylog Labs - Risk Based Alerts Using Lookup Tables

Related topics