Security Hub in R using Graylog

dscryber · March 24, 2022, 8:36pm

Security Hub in R using Graylog

@knilda

shRlog

created by knilda from lachenmair.info IT-Consulting

An overview of firewall log data in R via Shiny App. With the R Shiny App, it is possible to display an interactive graph showing all network connections passing the firewall.

Live Demo here: https://knilda.shinyapps.io/shrlog_example

See a short demo video here: Intro to: Security Hub in R using Graylog - YouTube

This is the first version of the App. We select data from the last 6 hours of a graylog stream via elasticsearch REST API.

Approved in R Version 3.4.2 (2017-09-28) and latest version (at date 01.07.2018) of following packages:

shiny, jsonlite, elastic, dplyr, iptools, ggvis

The elastic stream is on a single index called graylog_1 and should include ‘timestamp’,‘full_message’,‘srcip’, ‘dstip’.

First run data_last_hours.R file in the folder shinyApp/overview_app to get the data. Then open server.R and press the “Run App”-Button.

I am open for any Questions, so please ask.

Topic		Replies	Views
Juniper SRX firewall and routers Graylog Tech Challenges	3	1050	August 10, 2021
Untangle Firewall Syslog to Graylog Content Pack content-pack	0	1067	March 10, 2022
Checkpoint logs in Graylog Graylog Central (peer support)	3	2781	July 31, 2017
New to Graylog - Palo Alto Logs New to Graylog Community? READ-ME FIRST Guides	0	235	June 27, 2024
Palo Alto Networks - Firewalls - Threat and URL filtering Content Pack content-pack	1	2947	June 30, 2022

Security Hub in R using Graylog

Security Hub in R using Graylog

shRlog

Related topics