Blog

Want deeper insights? Read exclusive commentary from the Gravwell team on the issues that matter most.
Filter By

IPMI and Gravwell Part 1: Building an IPMI Ingester

(This post is part one of a two-part technology series around building and using an IPMI ingester and kit. Part two coming soon.) In many data aggregation and analysis tools, the ecosystem is fully...
ingester , HOWTO , IPMI
Blog
04.08.2021

Grouping Related Entries with the Transaction Module

In today's blog, we’ll give a short overview of the transaction module introduced in our most recent update: Gravwell 4.1.5. The transaction module is a powerful module that can rewrite individual...
Software Updates
Blog
04.01.2021

Monitoring HomeLab and Network with Gravwell Community Edition

Gravwell launched our free Community Edition in July 2018, and it has become an invaluable resource for home lab users and anyone looking to monitor their personal network or wrangle large amounts of...
Community Edition , Home Operations Center
Blog
03.25.2021

Practical Application of MITRE ATT&CK

SC Magazine published an article headlined "SIEM rules ignore bulk of MITRE ATT&CK framework, placing risk burden on users." In the article, Bradley Barth writes about a study showing only 16 percent...
Data Fusion , ATT&CK
Blog
03.18.2021

Announcing the Gravwell Sysmon Kit

We are pleased to announce the immediate availability of the Gravwell Sysmon kit.  This kit is designed to get you started quickly with Sysmon data and demonstrate the art of the possible.  This post...
EventLog , Windows , Security , kits , Sysmon , DNS
Blog
03.10.2021

Slice it Like Roast Beef: Parsing Raw ARP Messages in Gravwell

One of Gravwell's great strengths is binary ingest: you can store things like raw packets, then parse them later when you know what you want to extract. This came in handy recently when I set up IPv6...
Data Fusion , compound queries
Blog
02.23.2021

Easy Custom Implementations with Gravwell Client Library

Version 3.7.0 of the Gravwell open source repository introduces an exciting new feature: a Go library for interacting directly with Gravwell! Our Data Fusion platform has always been about meeting...
developer , API , golang
Blog
02.08.2021

Enable Data Fusion & Pivot on Dataset Properties with the Enrich Module

Gravwell 4.1 introduces a new module - Enrich - that can add static data to every entry in a query. Sometimes you need to add static data to a dataset, such as the standard deviation itself across...
Data Fusion , Software Updates , Logging
Blog
01.19.2021

4.1.0 Feature Spotlight: Upload Data from the Gravwell UI

Sometimes, you just need to get data into Gravwell without setting up any ingesters--maybe you want to analyze a collection of log files somebody emailed you, or maybe you've got a pcap file from...
Software Updates , ingester , pcap
Blog
01.12.2021

Combine Datasets Like a Boss: Announcing Gravwell 4.1 & Compound Queries

The Gravwell team is happy to announce the release of Gravwell 4.1.0 - Gamma Burst. A few highlights of what's included in the new release: Compound Query support Web UI based ingester A new “enrich”...
Data Fusion , Software Updates , Logging
Blog
01.06.2021
1 2 3 4 5

Subscribe for Gravel Updates

Signup for the Gravwell newsletter to be the first to hear about announcements, new product features, events, and more.

Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on demand, all with unlimited data collection and retention. Ingest everything. Investigate anything.
TOP