can I make a SIEM solution with graylog, I collect the logs of several devices with graylog I want to normalize the logs and put them in the same format. (standardization of lgs in the same format ) ? or is there a solution or module that can be integrated with graylog to make a SIEM solution.
I don’t know an out of the box solution.
You can normalize the logs with extractors and pipelines, and after you can make alerts.
But I think oit won’t be a SIEM.
with extractors I can normalize the logs ??
it’s complicated to work with extractors , in the site the part “Extractors” is not well explained
The docs are free to edit.
You can do a well discribed page.
GL is not a SIEM.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.