- 24 May 2022
- 1 Minute to read
- Updated on 24 May 2022
- 1 Minute to read
Graylog Operations is made of the combination of the open source core and several plugins that contribute functionality. This way someone coming from open source can add Operations simply by installing a new operating system package.
When the Graylog Operations plugins and Graylog Operations Integrations plugin is installed the some additional features are added to Graylog. The following list should give a brief overview of what is added to Graylog. All of this will only work with a valid Operations license.
- Archiving allows you to store the data to long term retention location, for an infinite amount of time. This can be local or removable media. This will allow most users to meet compliance regulation around data retention
- Audit log
- Audit log enables Graylog to keep a record about changes done in-product, on all levels of users.
- Reporting - Extension of Dashboards
- Take any of your current dashboard widgets, and put them into a scheduled report you can have delivered to your Inbox.
- Search extensions
- Parameter support - placeholders in the query, which asks users for values to put into queries, without having to copy&paste queries themselves
- Alerting extensions (basic Alerting is part of open source)
- Event Correlation
- Dynamic Lists - allows Graylog to lookup values in lookup tables and use the result in the alert query field in the correlation rule. This feature is based on Search Parameters.
- Cluster-wide scheduler - Open Source runs alerts on a single node only, Operations runs them on all Graylog nodes, increasing capacity.
- Script Notification - ability to run a custom native program in response to a generated alert, useful for the integration of third-party systems.
- MongoDB Lookup Table
- This allows settings values from pipelines, e.g. to maintain a list of suspicious IP addresses to be used in Dynamic Lists
- Forwarding (Integrations)
- Cluster-to-cluster forwarder output - requires two fully functioning Graylog clusters. The forwarder adds the ability to forward specific data streams to remote locations with journaling support incase of outages.
- Output Framework (Integrations)
- plugable solution to forward events from Graylog to any other system. Including advanced options to manipulate the events before hand over, formatted as syslog message, json or any way.
- Inputs (Integrations)
Please see the Graylog Operations Page for more details.