2 articles Log Auditing

Manage AWS API logs with CloudTrail and Graylogs

General process: CloudTrail sends all API logs to an S3 bucket and notifies an SNS topic. SNS sends the log details to an SQS queue. Graylog polls messages from SQS and fetches the logs from the referenced S3 file. By default, all logs are sent to the “All Messages” stream. Stream can be used to…

Manage System Logs with Graylog and rsyslogd

Graylog is widely used for log management and analysis. There are 4 main components of Graylog: Graylog Server, MongoDB, ElasticSearch, and NGINX as a reverse proxy to secure the Graylog API. The steps below will help the reader with a basic installation of a single-node Graylog server and with redirecting system logs from rsyslogd to Graylog. Do let me know your queries on ngurjar…