Graylog Integrations

StrongDM is a People-First Access platform that gives technical staff a direct route to the critical infrastructure they need to be their most productive. End users enjoy fast, intuitive, and auditable access to the resources they need, and administrators leverage simplified workflows to enhance security and compliance postures. - We open up a clear, direct path that gives individualized access to the right people and keeps everyone else out. - Total visibility into everything that’s ever happened in your stack. Security and Compliance teams can easily answer who did what, where, and when. - Admins have precise control over what each user has access to—without these controls ever getting in the way of productivity - IT, InfoSec, and Administrators have precise controls. Unauthorized access is eliminated because users never see resources they don’t have permission to use. -All past, present, and future infrastructure is supported - Responsive 24/7/365 customer support.

The open-source observability platform everyone needs! Netdata collects metrics per second and presents them in beautiful low-latency dashboards. It is designed to run on all of your physical and virtual servers, cloud deployments, Kubernetes clusters, and edge/IoT devices, to monitor your systems, containers, and applications. It scales nicely from just a single server to thousands of servers, even in complex multi/mixed/hybrid cloud environments, and given enough disk space it can keep your metrics for years. KEY FEATURES: 💥 Collects metrics from 800+ integrations 💪 Real-Time, Low-Latency, High-Resolution 😶‍🌫️ Unsupervised Anomaly Detection 🔥 Powerful Visualization 🔔 Out of box Alerts 📖 systemd Journal Logs Explorer 😎 Low Maintenance ⭐ Open and Extensible Try Netdata today and feel the pulse of your infrastructure, with high-resolution metrics, journal logs and real-time visualizations.

Squadcast is an incident management tool that’s purpose-built for SRE. Create a blameless culture by reducing the need for physical war rooms, centralize SLO dashboards, unify internal and external SLIs and automate incident resolution and knowledge base creation with Squadcast Actions. Adopt world-class site reliability practices with a centralized SLO dashboard to view your system health. Anticipate incidents before they occur and respond proactively. The first step towards doing better incident management is adding enough context to incidents while they get detected. With Squadcast, discover everything you need, to take action and achieve best-in-class MTTD with highly configurable features like alert deduplication and tagging.

Telegraf is the open source server agent to help you collect metrics from your stacks, sensors and systems. Telegraf is a plugin-driven server agent for collecting and sending metrics and events from databases, systems, and IoT sensors. Telegraf is written in Go and compiles into a single binary with no external dependencies, and requires a very minimal memory footprint. Telegraf can collect metrics from a wide array of inputs and write them into a wide array of outputs. It is plugin-driven for both collection and output of data so it is easily extendable. It is written in Go, which means that it is a compiled and standalone binary that can be executed on any system with no need for external dependencies, no npm, pip, gem, or other package management tools required. With 300+ plugins already written by subject matter experts on the data in the community, it is easy to start collecting metrics from your end-points.

SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 28 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations from 155 countries, including 42% of Fortune 100, 21% of Forbes Global 2000, 90+ public sector institutions, and 300+ MSSP and MDR providers. Driven by its advanced cybersecurity solutions, Threat Detection Marketplace, Uncoder AI, and Attack Detective, SOC Prime enables organizations to risk-optimize their cybersecurity posture while improving the ROI of their SOC investments.

SMSEagle is a hardware SMS gateway that enables SMS messages to be sent directly to telecommunication carrier without 3rd party services and without the Internet. This is achieved by using a SIM card, built-in radio modules with external antenna to communicate directly with a telecommunication operator (works similar to mobile phones). Hardware SMS gateway, also known as SMS server, integrates hardware and software for managing communication. The device offers various methods for integration with external systems like API, Email To SMS, etc. Support of different message types (normal SMS/multipart SMS/flash SMS/MMS/binary SMS/USSD-code/WAP Push link) Unicode support (support of national characters) Sending to single users or groups of users Sending SMS at specified date and time (SMS scheduling) Limit sending to specified hours (for example between 08:00-18:00) Smartphone-like conversation mode (messages are nicely grouped by phone number). and many more...

Icinga is a monitoring system which checks the availability of your network resources, notifies users of outages, and generates performance data for reporting. Scalable and extensible, Icinga can monitor large, complex environments across multiple locations. Icinga 2 is the monitoring server and requires Icinga Web 2 on top in your Icinga Stack. The configuration can be easily managed with either the Icinga Director, config management tools or plain text within the Icinga DSL. Find answers, take actions and become a problem-solver. Be flexible and take your own ways. Stay curious, stay passionate, stay in the loop. Tackle your monitoring challenge. The Icinga stack spans six core strengths that cover all aspects of monitoring. Level up with valuable insights and on-time notifications, eye-opening visuals and analytics. Icinga easily integrates within your systems, and gives you the power to automate your tasks.

EJBCA is an Enterprise grade PKI platform capable of issuing and managing digital certificates in the billions. One of the most used PKI platforms globally, it is used by governments and large enterprises across all sectors. PKI shouldn't be complex. Simplify it, with EJBCA® Enterprise, the only PKI platform that deploys fast, runs anywhere, and scales on-demand — so you can issue and manage thousands, even billions of certificates, no problem. Powered by the most trusted and widely used open-source PKI, EJBCA Enterprise empowers teams to establish trust with identity-first security for every human and machine, anywhere. Replace legacy CA solutions with a flexible and scalable PKI platform to issue and manage certificates for devices, workloads, and users. Embed certificate-based identity into thousands or millions of connected products with a fast and scalable PKI solution.

Central Management Server Software. Instantly gain complete and granular control over all of your encrypted USB flash drives and portable hard drives with the SafeConsole central management server software: Achieve compliance for USB storage usage, with full control and audit. Keep the productivity benefits of USB storage devices – without the risks of malware, data leaks and breaches. Available as an on-premises software or as a DataLocker hosted cloud service with worldwide locations. Enforce policies such as password rules, file-type restrictions or geographic boundaries. Reset passwords, switch devices into read-only mode, and even remotely wipe them in case of loss or theft. Monitor all your encrypted drives, including their location anywhere in the world. Integrate with Active Directory to track users, assigned devices and connected computers with ease. See which files are saved to or deleted from your encrypted drives at any given moment.

Kapacitor is a native data processing engine for InfluxDB 1.x and is an integrated component in the InfluxDB 2.0 platform. Kapacitor can process both stream and batch data from InfluxDB, acting on this data in real-time via its programming language TICKscript. Today’s modern applications require more than just dashboarding and operator alerts—they need the ability to trigger actions. Kapacitor’s alerting system follows a publish-subscribe design pattern. Alerts are published to topics and handlers subscribe to a topic. This pub/sub model and the ability for these to call User Defined Functions make Kapacitor very flexible to act as the control plane in your environment, performing tasks like auto-scaling, stock reordering, and IoT device control. Kapacitor provides a simple plugin architecture, or interface, that allows it to integrate with any anomaly detection engine.

Ask questions about your servers, and laptops. Whatever their operating system, wherever they live. Track and segment your enrolled hosts. Search by important details, and zoom in on individual targets. Collect and share useful information for ops teams, security teams, help desk, and more. Fleet is self-hosted and self-managed, and can be run within your own data centers or in the cloud. Write scripts with fleetctl and design scheduled queries to integrate alerts and dashboards across your enterprise.

Zenduty’s end-to-end incident alerting, on-call management and response orchestration platform helps you institutionalize reliability into your production operations. Get a single pane of glass view of the health of all your production operations. Respond to incidents 90% faster and resolve them 60% faster. Deploy customized and data-driven on-call rotations to ensure 24/7 operational coverage for major incidents. Deploy industry-leading incident response procedures and resolve incidents faster through effective task delegation and collaborative triaging. Bring your playbooks automatically into your incidents. Log incident tasks and action items for productive postmortems and future incidents. Suppress noisy alerts so that your engineers and support staff are focused on the alerts that matter. Over 100+ integrations with all your APMs, log monitoring, error monitoring, server monitoring, ITSM, Support, and security services.

Get AI recommendations for your alerts. It can generate recommendations for your alert based on the persona selected. Ask Parny AI has three personas, DevOps engineer, senior developer and database administrator. Our personas are trained to provide the best recommendations for your alerts. You can easily add your team members to the on-call team member list. Always alert the right person at the right time. Share on-call responsibility across your team with on-call schedules and automatic escalations. We support engineering teams to be more proactive, resolve incidents faster and deliver a seamless operations experience. Get custom analytics for your organization, teams, services and users. Always be up to date with your performance and improve your organization's efficiency.

Centreon is a global provider of business-aware IT monitoring for always-on operations and performance excellence. The company’s holistic, AIOps-ready platform is designed for today’s complex, distributed hybrid cloud infrastructures. Centreon monitors the complete IT Infrastructure from Cloud-to-Edge for a clear and comprehensive view. Centreon removes blind spots, monitoring all equipment, middleware and applications that are part of modern IT workflows, from on-premise legacy assets to private and public cloud environments, all the way to the edge of the network, where smart devices and customers combine to create business value. Centreon is constantly current, able to support the most dynamic environments. With auto-discovery capabilities it can keep track of Software-Defined Network (SDN) elements, AWS or Azure cloud assets, Wi-Fi access points or any other component of today’s agile IT infrastructure.

Enso is transforming application security by empowering organizations to build, manage and scale their AppSec programs. Its Application Security Posture Management (ASPM) platform easily deploys into an organization’s environment to create an actionable, unified inventory of all application assets, their owners, security posture and associated risk. With Enso Security, AppSec teams gain the capacity to manage the tools, people and processes involved in application security, enabling them to build a simplified, agile and scalable application security program without interfering with development. Enso has been recognized with numerous awards including the 2022 Excellence Awards, Globee Awards, and Forbes Top 20 Cybersecurity Startups to Watch.

Trusted on critical infrastructure globally, Sandfly delivers agentless Linux security with no endpoint agents and no drama. Instant deployment without compromising stability or needing endpoint agents. Sandfly is an agentless, instantly deployable, and safe Linux security monitoring platform. Sandfly protects virtually any Linux system, from modern cloud deployments to decade-old devices, regardless of distribution or CPU architecture. Besides traditional Endpoint Detection and Response (EDR) capabilities, Sandfly also tracks SSH credentials, audits for weak passwords, detects unauthorized changes with drift detection, and allows custom modules to find new and emerging threats. We do all of this with the utmost safety, performance, and compatibility on Linux. And, we do it without loading agents on your endpoints. The widest coverage for Linux on the market. Sandfly protects most distributions and architectures such as AMD, Intel, Arm, MIPS, and POWER CPUs.

Swimlane is a leader in security orchestration, automation and response (SOAR). By automating time-intensive, manual processes and operational workflows and delivering powerful, consolidated analytics, real-time dashboards and reporting from across your security infrastructure, Swimlane maximizes the incident response capabilities of over-burdened and understaffed security operations. Swimlane was founded to deliver scalable, innovative and flexible security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages. Swimlane is at the forefront of the growing market for security automation and orchestration solutions that automate and organize security processes in repeatable ways to get the most out of available resources and accelerate incident response.

We host and manage services like PostgreSQL, Graylog, RabbitMQ, MariaDB, Elasticsearch, Redis and dozen more. Start your services in just 2 minutes and be production ready instantly. Focus on your business, not on your infrastructure anymore. Our catalog contains dozen of services and we add new ones each month. You'll no longer have to juggle between cloud providers and technical solutions. Our pricing is clear and simple, without surprises at the end of the month. Start a small infrastructure and make it choose your instance up to 16 vCPUs and 64 GB of RAM and scale it as your business grows. as your business grows. We optimize the hardware and tune the software to get a blazing fast solution. We use open source solutions so you're not locked into proprietary, dark ones. You and your data are free to move when you want, where want. Create and delete services when you want, you'll be billed per hour of use and will receive a single clear invoice, each month, with all the details.

Powered by our Continuous Threat Detection (CTD) and Secure Remote Access (SRA) solutions, our platform provides a full range of industrial cybersecurity controls that integrate seamlessly with your existing infrastructure, scale effortlessly, and have the industry's lowest total cost of ownership (TCO). The comprehensive industrial cybersecurity controls our platform provides revolve around the REVEAL, PROTECT, DETECT, CONNECT framework. Our platform's features empower you to achieve effective industrial cybersecurity, regardless of where you are on your industrial cybersecurity journey. The Claroty Platform is deployed across multiple industries, each with unique operational and security needs. Effective industrial cybersecurity starts with knowing what needs to be secured. Our platform removes the barriers that limit industrial networks from securely connecting to what enables the rest of the business to operate and innovate with an acceptable level of risk.

IoT has created the world’s largest attack surface — and 80% of IoT devices are wirelessly connected. Today’s networks and organizations were never built to handle the massive volume, velocity and hyper-connectivity of smart devices. Most businesses still struggle to identify IoT devices within their environment – creating new security blind spots. AirShield provides comprehensive visibility into the IoT and OT (operational technology) threat landscape in order to detect, assess and prevent risk from unmanaged, unsecured and misconfigured IoT devices. AirShield provides non-intrusive real-time visibility and comprehensive monitoring and protection for broad-spectrum wireless devices for IoT, Industrial Internet of Things (IIOT), Internet of Medical Things (IOMT), and OT environments, irrespective of operating system, protocol, or connection type. AirShield sensors connect to the LOCH Machine Vision Cloud. No on-premise server installation is required.

Recorded Future is the world’s largest provider of intelligence for enterprise security. By combining persistent and pervasive automated data collection and analytics with human analysis, Recorded Future delivers intelligence that is timely, accurate, and actionable. In a world of ever-increasing chaos and uncertainty, Recorded Future empowers organizations with the visibility they need to identify and detect threats faster; take proactive action to disrupt adversaries; and protect their people, systems, and assets, so business can be conducted with confidence. Recorded Future is trusted by more than 1,000 businesses and government organizations around the world. The Recorded Future Security Intelligence Platform produces superior security intelligence that disrupts adversaries at scale. It combines analytics with human expertise to unite an unrivaled variety of open source, dark web, technical sources, and original research.

You choose your tools, we take care of the rest. Put together the perfect CI/CD stack that fits your organization’s goals with zero vendor lock-in. ‍Eliminate manual scripts and stop building toolchain automation. Free your engineers to focus on your core business. Pipeline workflows follow a declarative model so you focus on what is required — not how it’s accomplished — including: software builds, security scans, unit testing, and deployments. With Blueprints, diagnose any failures from within Opsera using a console output of every step of your pipeline execution. Comprehensive software delivery analytics across your CI/CD process in a unified view — including Lead Time, Change Failure Rate, Deployment Frequency, and Time to Restore. ‍Contextualized logs for faster resolution and improved auditing and compliance.

Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Mandiant delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web.  Mandiant’s digital risk protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.  Identify unknown or unmanaged vulnerable internet-facing assets before threat actors do.