Found an interesting blog post on configuring Graylog to detect threats. Hopefully the next posts they publish will do some follow up for actual threat detection and alerts: this first post is focused on normalizing data.
Found an interesting blog post on configuring Graylog to detect threats. Hopefully the next posts they publish will do some follow up for actual threat detection and alerts: this first post is focused on normalizing data.