Send Graylog logs to Elastic SIEM

robertito · May 28, 2020, 1:28pm

Dear all, I have a Graylog 3 server running OK,with a lot of network and hosts data.

Now I have to send all of these data to a Elastic SIEM 7.7 server I’ve implemented this month.

Is it possible to create a Graylog output and send logs to the Elastic SIEM (ELK stack) in order to have more analysis and detection capacity???

Special thanks !!!

facyber · May 28, 2020, 1:49pm

Have you tried Outputs?

For some types I do know you need specific Output plugin, but I see there are STDOUT and GELF ouputs, not sure if Elastic SIEM supports them.

robertito · May 28, 2020, 2:11pm

OK, thanks a lot…I will try again because I used a GELF output and I can’t see any log on SIEM.

Regards !!!

system · June 11, 2020, 2:11pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash Output to Graylog 3.0 (Can't search message) Graylog Central (peer support)	3	2525	May 24, 2019
Run several outputs Graylog Central (peer support)	3	432	August 6, 2018
Graylog stopped saving data to Elasticsearch after output had been configured Graylog Central (peer support)	3	336	December 29, 2020
Output Stream to ELK Graylog Central (peer support) sidecar , nxlog , nodatanx	1	603	September 24, 2019
How to forward copy of logs from Garylog server to another SIEM tool Graylog Central (peer support)	5	6822	October 23, 2017