SIEMs have historically done well in helping organizations detect threats. Modern threat activity has shown, however, that tracking pre-selected data and relying on IOCs …
SIEMs have historically done well in helping organizations detect threats. Modern threat activity has shown, however, that tracking pre-selected data and relying on IOCs …
We are pleased to announce the immediate availability of the Gravwell Sysmon kit. This kit is designed to get you started quickly with Sysmon data and demonstrate the art of the possible. This post...
Overview Today we are going to talk about something very important - beer. Homebrewing has a long tradition and many master brewers started by making swill in their basement. So today, I am going...
This week sees the release of Gravwell 3.3.9, our last planned release prior to the 3.4.0 "Big Bang" release. The Big Bang release will introduce Gravwell kits (our way of providing pre-packaged...
We are excited to announce the immediate availability of Gravwell version 3.3.0. This release being a Minor release features a few fairly significant features and a whole heap of bug fixes and...
We proud to announce the immediate availability of Gravwell version 3.2.3. This release is all about performance and bug fixes, but we did manage to slip in a new Kafka ingester.
We are pleased to announce the immediate availability of Gravwell version 3.2.2! This one got away from us a bit and probably should be a major release, there is just too much good stuff in here. I...
We've had some benchmarking requests from multiple organizations struggling with ingest performance from Elasticsearch, so we're publishing them here. The latest Gravwell release marks a significant...
We are excited to introduce autoextractors with Gravwell version 3.0.2. Autoextractors make it easy for regex gurus and binary ninjas to generate extractions and share them in a portable format. ...
In this detailed technical guide we’ll cover analyzing Bro security analytics with Gravwell. Bro is a passive network security sensor designed to provide a plugin friendly detection framework. There...
