Hi Team, I am working on Graylog being used as a SIEM platform. I am almost done with Windows, linux, CISCO Routers, Fortinet Firewalls & CheckPoint Firewalls. However my main concern is ingesting logs from database servers or logs which are stored in Databases For example McAfee EPO logs which ar…

You can set up SQL auditing to write to the application or security log. Nxlog can then pick them up. In the other post, the person had trouble writing to the security log. The issue was probably due to permissions problems. See https://docs.microsoft.com/en-us/sql/relational-databases/security/a…

I tried setting up nxlog for reading logs from a SQL table, but in the end ended up setting up logstash with jdbc input plugin and gelf output plugin. Works fine.

SIEM use case for Databases logs

Graylog Central (peer support)

megan201296 (Megan) October 23, 2018, 12:52pm 2

This might help: MS SQL Server Audit Log, how to integrate with Graylog (the second comment specifically).

Topic		Replies	Views
SQL data in graylog Graylog Central (peer support) sidecar , nxlog , filebeat-windows , winlogbeat , nodatanx	6	5833	February 6, 2018
MS SQL Server Audit Log, how to integrate with Graylog Graylog Central (peer support) sidecar , nxlog , filebeat-windows , winlogbeat , nodatanx	3	9056	September 29, 2017
Trying to get data/events directly from a third-party application database Graylog Central (peer support)	4	1636	February 23, 2022
How to send SQL DB logs to Graylog Graylog Central (peer support) sidecar , nxlog , nodatanx	8	10350	December 18, 2019
Hi all, pls help me to understand it Graylog Central (peer support)	4	521	March 5, 2020

SIEM use case for Databases logs

Related topics