tag: graylog

3 posts tagged

blog • infoblox • 15 min read

Over-Engineering Homelab Syslog Receiving With DNSTAP

Changing per-query DNS telemetry from syslog forwarding to a DNSTAP pipeline, and what the syslog path actually does on the appliance.

ASCII-art pipeline diagram showing NIOS grid members emitting dnstap protobuf frames over tcp/6000 to dnscollector, which pipes JSON on stdout to bridge.py, which posts GELF to a dedicated Graylog index set
blog • easm • 7 min read

Wiring the CTEM Spiderweb

A pipeline that unifies Infoblox CTEM, lookalike-domain monitoring, brand protection, and open-source attack-surface signals into one Graylog dashboard — keyed by finding name, deduped across sources, and tagged with bug-bounty eligibility.

Three figures in Guy Fawkes masks seated at a curved console of triple monitors lit by green hacker-style UI, framed by an industrial geodesic ceiling structure and red rim lighting (photo by Tima Miroshnichenko on Pexels)
blog • graylog • 7 min read

Graylog Enrichment, Deepened

Adding MAC→DHCP-hostname lookups, dashboards-as-code, and the long tail of NIOS WAPI and OpenSearch quirks the first pass left behind.

Top clients widget showing client_ip resolved next to fixedaddress name and DHCP hostname columns, with NIOS-known hosts alongside unenriched ones
