Put a reverse proxy in front of it that supports Let's Encrypt. I use pfsense with HAProxy.

But docker males it so easy!

@@LAWRENCESYSTEMS Hi i always find dockers so confusing ..please have u got a tutorial ideo for graylog using docker?

@@manbash05 kzbin.info/www/bejne/eqi8qKV3edx2o8ksi=SpkU-URICLoobOLw

Literally me)))

You have identified a problem that you have with the project, but not a solution. How do you propose they fund this project?

@@LAWRENCESYSTEMS I heard thoughts and prayers go pretty far.

Open-source does NOT mean free, its important to remember that.

@@LAWRENCESYSTEMS they can fund it by offering paid technical support along with extra services that will benefit enterprises not by making difference enterprises and non enterprise users. I've seen few others where you get everthing enterprise does but you don't get techical support if you use free version. Graylog open should reflect it's open source nature without offering demos of paid stuff. It should only have a button with link to enterprise version for more info and subscription. There are ways for them fund it but not by locking features behind paywall.

@@egenhoferj i know that. I know they need money for hardware,they need to earn money for living,monsy for software they use for development and so on. All i wanted to say how i don't like way some open source apps are funded. In open source world best way to fund development isn't locking up advanced features behind paywall it can instead be thruogh royalties like unreal engine does, it can be by offering techincal support,hosting server on your cloud for enterprise,basicaly anything but locking features behind paywall.

w/ the warm tier and the way index rotation/retention have changed, this actually a problem that 6.0 pretty much solved

Hi we were also using Grafana Loki earlier but we were only able to download 5000 log lines at a time . Is this the case with your team as well ?

@@Kunalchander-c8jfrom what I remember we set the max_entries_limit_per_query and max_global_streams_per_user to your desired size

In our case when we are querying high volume logs the Grafana interface starts lagging as hell. It was only stable upto 50k line of logs .

What other ones are there besides graylog? Wazuh is not really a log server and OpneSeaech and Elastic are overly manual compared to graylog.

@@LAWRENCESYSTEMS To be honest, I'm not even sure which ones are real alternatives. Reddit suggestions include splunk, vector+promtail+loki, datadog, elk, something+grafana, etc. Tbh even getting an overview for which free/cheap options for personal use exist is not easy.

Zabbix is more of a monitoring tool, Graylog is a logging tool.

Yes

AVX enabled processors have been shipping since 2012 and the latest AVX-512 version since 2016. Might be time to consider upgrading.

@@LAWRENCESYSTEMS Yes, I'm still running (3) 4U Supermicro servers with (2) Xeon X5675 3Ghz CPUs, 300G ram, and 36 drive bays. I have been looking at some of the newer/used Supermicros with 512G DDR4, newer CPUs, etc. Just have not committed yet.

I think enough people have already done a video on and I don't really use it therefore don't have anything more to add. Let me know if I am wrong.

@@LAWRENCESYSTEMS I agree with you there are many videos already out there, but the quality of those videos is questionable. On other hand, your videos are much more professional, providing more information and steps in proper order, with more clarity. In my opinion, Wazuh is much better than Graylog security wise. Also, it's lighter for hardware resources, and provides full unlocked features in free version (you can have paid subscription, but it's for support). You could do great job with video explaining how to tweak it, and configure it properly for security alerts, as it has many options, because your videos stand out in this ocean of low-quality videos.

@@double_DD Thanks, but for clarification is it that many of the videos are sponsored by Wazuh that brings up the question of their quality?

Look at the docker compose and see if something in there that makes you not want to use it.

I did and they worked.

Do you have any links to such an comparison?

@@MortenEghj My opinion is based off my own evaluation of each. However, If you just want a product, ignore me and just pick whatever the KZbinr tells you. If you have any responsibility to critical work or to a customer base, identify what’s important for your organization and reach out to competing vendors, get their demonstration and decide which makes the most sense. If you’re just playing around in a homelab, install them and see for yourself.

What one do you recommend I look at first? Better yet, what type of person would you recommend each solution for?

If docker is to hard to for you then you should retire from IT bud.

@@dyto2287 I will do that, thanks for the advice.

@@dyto2287 and you are an idiot!!! So the WHOLE IT world is based only on docker, so if someone doesn't know how to use docker, he should retire from IT.... you dumbhead...

Graylog has installation docs for Ubuntu, Debian, Red Hat, and SUSE if you don't' want to use Docker. And manual if your distro is none of these.