Amp Up Your Data Analysis with the new Zeek Kit

Nov 16, 2020 9:30:00 AM / by John Floren posted in Security, docker, Bro, kits, DNS, zeek

Zeek can give you so much insight into what's going on in your network, but it can feel like drinking from the firehose - dozens of files full of terse log entries, and no easy way to cross-reference or merge them. That's where Gravwell's new Zeek kit comes in. It's a suite of pre-built queries, dashboards, and more which can help you make sense of what Zeek's telling you with a few clicks.


Gravwell 2.2.1 Released!

Aug 1, 2018 3:48:22 PM / by John Floren posted in Software Updates, ingester, docker, Community Edition

We’re pleased to announce the release of Gravwell 2.2.1! For a point release, it’s got some very cool new features; read on to learn what we’ve added.


Distributed Webserver Frontends in Gravwell

Apr 19, 2018 8:06:36 AM / by John Floren posted in Software Updates, docker, cluster

With the release of Gravwell 2.0, Gravwell customers can now deploy multiple webservers tied to a central storage system. This means you can deploy multiple webservers behind a load balancer for better search performance; the webservers synchronize resources, user accounts, dashboards, and search history behind the scenes so users don’t need to worry about which server they’re actually using.


Gravwell And Docker Deployment

Apr 5, 2018 3:50:03 PM / by Kris Watts posted in DevOps Analytics, ingester, Logging, automation, docker, cluster

Update (1/24/2019)

This post is mostly about building your own docker images. If you're interested in getting up and running fast using Gravwell+Docker, head over to our docs that cover our pre-built images:!configuration/


For this blog post we are going to go over the deployment of a distributed Docker-based Gravwell cluster. We will use Docker and a few manageability features to very quickly build and deploy a cluster of Gravwell indexers. By the end of the post we will have deployed a 6 node Gravwell cluster, a load balancing federator, and a couple of ingesters. The six node “cluster” is also going to absolutely SCREAM, collecting over 4 million entries per second on a single Ryzen 1700 CPU. You read that right, we are going to crush the ingest rate of every other unstructured data analytics solution available on a single $250 CPU. Let's get started.
