Goals
- Discovery and handling of the Graylog solution for centralization and monitoring of logs
Program
Benefits of centralization
– Security
– Operation
– Monitoring
Centralized solutions
Graylog vs ELK
Features
Architecture
Installation
Initial configuration
Workshop: Installation of the Graylog ecosystem
Understanding logging
– Types of logging
– Linux
– Windows
– Network equipment
– Docker micro-services
Create an input channel
Log sending test
Viewing received logs
Workshop: Centralization of logs from a Linux system and a Docker container
Notion of streams
Streams vs Searches
Creation of streams
Associated index
Workshop: Creating a category for micro-services and a category for SSH connection failures
Value of retention
Retention policies
Retention configuration
Workshop: Creation of retention for created categories
Time window
Search criteria
Field management
Saving a search
Exporting the result of a search
Adding a widget to a search
Workshop: Creating and saving an advanced search
Dashboard and search
Creating a dashboard
Using a dashboard
Adding a search to a dashboard
Workshop: Creation of a dashboard and integration of searches
Presentation
Creation of event
Display of events
Creation of a notification
Workshop: Setting up an alert
Duration
3 days
Price
£ 2000
Audience
System administrators
Prerequisites
Basic practice of administering a Linux system
Reference
Re101324-F
Sessions
Contact us for more information about session dates