Graylog Cloud Integration

Note: This integration requires the Cisco XDR Advantage or Cisco XDR Premier licensing tier.

Graylog Cloud is a leading centralized log management solution built to open standards for capturing, storing, and enabling real-time analysis of terabytes of machine data.

This integration enables you to include logs stored in Graylog Cloud in your Cisco XDR investigations. Graylog Cloud will return sightings of any investigated IPv4, IPv6, SHA-1, SHA-256, MD5, domain, URL, file path, user, and email observables that are found in those logs.