Graylog Integrations

Access and access management today have become more complex and frustrating. strongDM redesigns access around the people who need it, making it incredibly simple and usable while ensuring total security and compliance. We call it People-First Access. End users enjoy fast, intuitive, and auditable access to the resources they need. Administrators gain precise controls, eliminating unauthorized and excessive access permissions. IT, Security, DevOps, and Compliance teams can easily answer who did what, where, and when with comprehensive audit logs. It seamlessly and securely integrates with every environment and protocol your team needs, with responsive 24/7 support.

Monitor your servers, containers, and applications, in high-resolution and in real-time. Netdata collects metrics per second and presents them in beautiful low-latency dashboards. It is designed to run on all of your physical and virtual servers, cloud deployments, Kubernetes clusters, and edge/IoT devices, to monitor your systems, containers, and applications. It scales nicely from just a single server to thousands of servers, even in complex multi/mixed/hybrid cloud environments, and given enough disk space it can keep your metrics for years. KEY FEATURES: Collects metrics from 800+ integrations Real-Time, Low-Latency, High-Resolution Unsupervised Anomaly Detection Powerful Visualization Out of box Alerts systemd Journal Logs Explorer Low Maintenance Open and Extensible Troubleshoot slowdowns and anomalies in your infrastructure with thousands of per-second metrics, meaningful visualisations, and insightful health alarms with zero configuration. Netdata is different. Real-Time data collection and visualization. Infinite scalability baked into its design. Flexible and extremely modular. Immediately available for troubleshooting, requiring zero prior knowledge and preparation.

Squadcast is a tool for incident management that was specifically designed for SRE. Squadcast Actions can help you create a culture of blamelessness by reducing the need to have physical war rooms.

Telegraf is an open-source server agent that helps you collect metrics from your sensors, stacks, and systems. Telegraf is a plugin-driven agent that collects and sends metrics and events from systems, databases, and IoT sensors. Telegraf is written in Go. It compiles to a single binary and has no external dependencies. It also requires very little memory. Telegraf can gather metrics from a wide variety of inputs and then write them into a wide range of outputs. It can be easily extended by being plugin-driven for both the collection and output data. It is written in Go and can be run on any system without external dependencies. It is easy to collect metrics from your endpoints with the 300+ plugins that have been created by data experts in the community.

SOC Prime equips security teams with the largest and most robust platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 28 SIEM, EDR, and XDR platforms. Backed by a zero-trust approach and cutting-edge technology powered by Sigma and MITRE ATT&CK®️, SOC Prime enables smart data orchestration, cost-efficient threat hunting, and dynamic attack surface visibility to maximize the ROI of SIEM, EDR, XDR & Data Lake solutions while boosting detection engineering efficiency. SOC Prime’s innovation is recognized by independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations from 155 countries, including 42% of Fortune 100, 21% of Forbes Global 2000, 90+ public sector institutions, and 300+ MSSP and MDR providers. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. Driven by its advanced cybersecurity solutions, Threat Detection Marketplace, Uncoder AI, and Attack Detective, SOC Prime enables organizations to risk-optimize their cybersecurity posture.

SMSEagle, a hardware SMS gateway, allows SMS messages to be sent to a telecommunication carrier directly without using 3rd-party services or the Internet. This is done by using a SIM Card, built-in modules with an external antenna to communicate with a telecommunications operator directly (works like mobile phones). Hardware SMS gateways, also called SMS servers, integrate hardware and software to manage communication. The device provides various methods of integration with external systems such as API, Email to SMS, etc.

Icinga is an internet monitoring system that checks the availability of your network resources and notifies users when there are outages. It also generates performance data for reporting. Icinga is flexible and extensible. It can monitor complex environments in multiple locations. Icinga 2 is the monitoring server and requires Icinga Web 2 on top in your Icinga Stack. You can manage the configuration with the Icinga Director or config management tools. Plain text is also available within the Icinga DSL. Find solutions, take action and become a problem-solver. Flexibility is key. Keep curious, stay passionate, and stay in the loop. Tackle your monitoring challenge. The Icinga stack consists of six core strengths that cover all aspects related to monitoring. You can get valuable insights, on-time notifications and eye-opening visuals as well as analytics. Icinga integrates easily into your systems and gives you the power of automating your tasks.

EJBCA, an Enterprise-grade PKI platform, can issue and manage digital certificates in the millions. It is one of the most widely used PKI platforms worldwide and is used by large enterprises in all sectors.

Central Management Server Software. SecureConsole central management software gives you instant access to all your encrypted USB flash drives or portable hard drives. It allows you to instantly gain complete control over them. You can enjoy the productivity benefits of USB storage devices without worrying about malware, data leaks or breaches. Available as an on-premises or DataLocker hosted cloud service with global locations. You can enforce policies such as file type restrictions, password rules, and geographic boundaries. Reset passwords, change devices to read-only mode, or remotely wipe them in the event of theft or loss. All encrypted drives can be monitored, including their location around the globe. Integrate Active Directory to easily track users, devices and computers connected. You can see which files are being saved to and deleted from your encrypted drives at any time.

Kapacitor, a native data processing engine in InfluxDB 1.x, is an integral component of the InfluxDB 2.0 platform. Kapacitor is able to process both batch and stream data from InfluxDB. It can also act on these data in real time via its programming language TICKscript. Modern applications need more than operator alerts and dashboarding. They also require the ability to trigger actions. Kapacitor's alerting system uses a publish-subscribe design. Alerts are sent to topics, and subscribers subscribe to a topic. Kapacitor is very flexible and can be used to control your environment. It can perform tasks such as stock reordering and auto-scaling. Kapacitor has a simple plugin architecture (or interface) that allows it integrate with any anomaly detector engine.

Ask questions about servers and laptops. No matter what operating system they use, no matter where they live. Track and segment your enrolled hosts. You can search for important details and zoom in on specific targets. Share and collect useful information for ops teams and security teams, as well as the help desk. Fleet can be hosted and managed by you in your own data centers, or in the cloud. Fleetctl can be used to create scripts and schedule queries that integrate alerts and dashboards throughout your enterprise.

Zenduty's platform for incident alerting, response orchestration and on-call management helps you to institutionalize reliability in your production operations. You can get a single view of the health and performance of your entire production operation. Respond to incidents 90 percent faster and resolve them 60 percent faster. Implement customized and data driven on-call rotations for 24/7 operational coverage of major incidents. Implement industry-leading incident response protocols and resolve incidents quicker through effective task delegation. Bring your playbooks into your incidents automatically. Logging incident tasks and actions items will help you to produce productive postmortems for future incidents. Suppress loud alerts to allow your engineers and support staff to focus on the alerts which are important. Over 100+ integrations for all your APMs and log monitoring, error tracking, server monitoring, ITSM Support, and Security services.

Get AI recommendations for alerts. It can generate alert recommendations based on your selected persona. Ask Parny AI offers three personas: DevOps Engineer, Senior Developer, and Database Administrator. Our personas have been trained to give the best recommendations based on your alerts. You can add your team members easily to the list of on-call team members. Alert the right person when it's needed. Share the on-call responsibilities across your team using on-call schedules, and automatic escalation. We help engineering teams be more proactive, resolve issues faster and deliver a seamless operation experience. Get custom analytics for you organization, teams, users and services. Improve your organization's performance by staying up-to-date with your performance.

Centreon is a global provider for business-aware IT monitoring to ensure high performance and continuous operations. The company's AIOps-ready platform, which is holistic and ready for use in today's complex hybrid cloud infrastructures, is designed to meet the needs of these distributed clouds. Centreon monitors all aspects of the IT Infrastructure, from Cloud-to Edge for a clear and comprehensive view. Centreon eliminates blind spots by monitoring all equipment, middleware, and applications that are part modern IT workflows. This includes legacy assets on-premise, private and public clouds, and all the way to edge of the network where smart devices and customers come together to create business value. Centreon is always up-to-date and can support even the most dynamic environments. It has auto-discovery capabilities that allow it to keep track of Software Defined Network (SDN), AWS or Azure cloud assets and Wi-Fi access points, as well as any other component of today’s agile IT infrastructure.

Through Application Security Posture Management (ASPM), Enso's platform easily deploys into an organization’s environment to create an actionable, unified inventory of all application assets, their owners, security posture and associated risk. With Enso Security, AppSec teams gain the capacity to manage the tools, people and processes involved in application security, enabling them to build an agile AppSec without interfering with development. Enso is used daily AppSec teams small and large across the globe. Get in touch for more information!

Sandfly is trusted on critical infrastructure around the world. It delivers Linux security without endpoint agents or drama. Instant deployment without compromising on stability or requiring endpoint agents. Sandfly provides a Linux security monitoring platform that is agentless, instantaneously deployable, and secure. Sandfly can protect any Linux system - from cloud deployments and older devices to modern cloud deployments, regardless of CPU architecture or distribution. Sandfly's Endpoint Detection and Response capabilities (EDR) include tracking SSH credentials, auditing for weak passwords and drift detection. Custom modules can be added to the Sandfly platform to detect new and emerging threats. All of this is done with the highest level of safety, performance and compatibility for Linux. We do this without installing agents on your endpoints. The most comprehensive Linux coverage on the market. Sandfly protects all Linux distributions, including AMD, Intel, Arm and POWER CPUs.

Log data can provide powerful insights to help you achieve complete security observability. Multi-platform tool that enhances threat prevention and improves infrastructure visibility. With over 120 configurable modules and support for more than 100 operating system versions, you can gain comprehensive insights as well as increased security. Reduce the cost of your SIEM by reducing noise and unnecessary log data. Filter events, trim unused fields and remove duplicates in order to improve the quality of your logs. With a single tool, you can collect and aggregate logs across your entire organization. Reduce the complexity of managing security-related incidents and reduce detection and response time. By centralizing certain logs into an SIEM, and archiving other logs on your long-term storage, you can empower your organization to meet compliance regulations. NXLog Platform provides centralized log management with flexible processing.

Swimlane is a leader for security orchestration, automation, and response (SOAR). Swimlane automates manual, time-intensive processes and operational workflows, and delivers powerful, consolidated analytics and real-time dashboards from across your security infrastructure. This allows you to maximize the incident response capabilities for over-burdened, understaffed security operations. Swimlane was established to provide flexible, innovative, and scalable security solutions to organizations that are struggling with alert fatigue, vendor proliferation, and staffing shortages. Swimlane is a leader in the growing market for security orchestration and automation solutions that automate and organise security processes in repeatable ways to maximize resources and speed incident response.

We host and manage services such as PostgreSQL and Graylog, RabbitMQ and MariaDB, Elasticsearch and Redis. You can start your services in less than 2 minutes and have them ready for production immediately. You should be focusing on your business and not your infrastructure. We add new services every month to our service catalog. No more need to switch between technical solutions and cloud providers. Our pricing is transparent and straightforward, with no surprises at the end. Start small and let it choose your instance up until 16 vCPUs or 64 GB RAM. Scale it as your business grows. as your business grows. We optimize the hardware and tune software to provide a lightning fast solution. Open source solutions are available so that you don't have to use proprietary, dark solutions. Your data and you can move whenever you want, wherever you want. You can create and delete services whenever you like. You'll be charged per hour and receive one clear invoice each month with all details.

Our Continuous Threat Detection and Secure Remote Access (SRA), solutions power our platform. It offers a complete range of industrial cybersecurity controls that can be integrated seamlessly with your existing infrastructure. They scale easily and have the lowest total cost of ownership (TCO) in the industry. Our platform offers comprehensive industrial cybersecurity controls that are based on the REVEAL PROTECT DETECT CONNECT framework. No matter where you are in your industrial cybersecurity journey, the features of our platform will enable you to achieve effective industrial cyber security. Claroty Platform can be deployed in multiple industries with different security and operational requirements. Knowing what security needs to be met is the first step to effective industrial cybersecurity. Our platform removes barriers that prevent industrial networks from securely connecting to what allows the rest of the business and allows them to innovate and operate with an acceptable level risk.

The IoT has created the largest attack surface in the world, with 80% of IoT devices being wirelessly connected. The massive volume, velocity, and hyper-connectivity that smart devices bring to organizations and networks today was never possible. Many businesses are still unable to identify IoT devices in their environment, creating new security blindspots. AirShield provides comprehensive visibility to the IoT (operational technology), threat landscape to detect, assess, and prevent risk from unmanaged and unsecured IoT devices. AirShield provides noninvasive real-time visibility, comprehensive monitoring and protection for broad spectrum wireless devices for IoT (industrial internet of things (IIOT), Internet of Medical Things(IOMT) and OT environments. It does not matter what operating system, protocol or connection type. The LOCH Machine Vision cloud is connected to the AirShield sensors. There is no need to install a server on-premises.

Recorded Future is the largest provider of enterprise security intelligence in the world. Recorded Future provides timely, accurate, and practical intelligence by combining pervasive and persistent automated data collection and analysis with human analysis. Recorded Future gives organizations the visibility they need in a world of increasing chaos and uncertainty. It helps them identify and detect threats faster, take proactive action to disrupt adversaries, and protect their people and systems so that business can continue with confidence. Recorded Future has been trusted by over 1,000 businesses and government agencies around the globe. Recorded Future Security Intelligence Platform provides superior security intelligence that disrupts adversaries on a large scale. It combines analytics and human expertise to combine a wide range of open source, dark net, technical, and original research.

We take care of everything. You can create the perfect CI/CD platform that meets your company's needs with zero vendor lock-in. Stop building toolchain automation and stop writing manual scripts. Your engineers can now focus on your core business. The declarative model of pipeline workflows allows you to focus on what's required, not how it's done. This includes software builds, security scans and unit testing, as well as deployments. Blueprints allows you to diagnose any failures within Opsera by displaying the console output of each step of your pipeline execution. Comprehensive software delivery analytics for your CI/CD process in one view. This includes Lead Time, Change Failure Ratio, Deployment Frequency and Time to Restore. Contextualized logs allow for faster resolution, improved auditing, and compliance.

Learn what a solution for digital risk protection is and how you can be better prepared if you know who is targeting you, their goals, and the ways they plan to compromise your security. Google Digital Risk Protection offers a broad solution for digital risk protection, either as a self-managed SaaS product or as a comprehensive service. Both options provide security professionals with visibility outside their organization and the ability to identify high risk attack vectors, malicious orchestration on the dark and deep web, and attack campaign on the open internet. Google Digital Risk Protection also provides contextual information about threat actors, their tactics, techniques and procedures, to provide a secure cyber threat profile. Map your attack surface, and monitor deep and dark web activities to gain visibility into the risk factors that impact the extended enterprise and supply chains.

Azure Marketplace is an online store with thousands of ready-to-use, certified software applications, services and solutions from Microsoft as well as third-party vendors. It allows businesses to discover, buy, and deploy software within the Azure cloud. The marketplace includes a wide variety of products including virtual machine images and AI and machine-learning models, developer tools and security solutions. Azure Marketplace simplifies procurement and centralizes billing with its flexible pricing options, such as pay-as you-go, free trial, and subscription models. It supports seamless integration with Azure Services, enabling organizations enhance their cloud infrastructure and streamline workflows.