SIEM with Graylog

Hi everyone,
Can I make a SIEM solution with Graylog? I collect the logs of several devices with Graylog, and I want to normalize the logs and put them in the same format (standardization of logs in the same format). Or is there a solution or module that can be integrated with Graylog to make a SIEM solution?

I don’t know an out of the box solution.

You can normalize the logs with extractors and pipelines, and afterwards you can make alerts.
But I think it won’t be a SIEM.


http://docs.graylog.org/en/3.0/pages/extractors.html
With extractors I can normalize the logs?

It’s complicated to work with extractors; on the site, the “Extractors” part is not well explained.

The docs are free to edit.
You can do a well-described page.

GL is not a SIEM.
