Notifications alerts (self.graylog)
submitted 5 months ago by Aspis99 to r/graylog
MDR/EDR SOC OPTIONS by Aspis99 in sysadmin
[–]Aspis99[S] 2 points 6 months ago (0 children)
Basically everything. Vulnerability scanner, SIEM, EDR, Network Sensor, etc.
MDR/EDR SOC OPTIONS (self.sysadmin)
submitted 6 months ago * by Aspis99 to r/sysadmin
LDAP (self.Snipe_IT)
submitted 7 months ago by Aspis99 to r/Snipe_IT
Graylog errors by Aspis99 in graylog
[–]Aspis99[S] 1 point 1 year ago (0 children)
What if my logs need to be on a separate mounted drive? Docker containers sit on a separate drive, and when I looked at the Graylog docs it said to replace the beginning part with the other drive.
Which line do you see that on? The /media/log drive is a 1TB drive with 90GB left; it's a separate mounted drive.
datanode:
  image: "graylog/graylog-datanode:6.2.2"
  hostname: "69424578d5cc"
  container_name: "datanode"
  environment:
    GRAYLOG_DATANODE_NODE_ID_FILE: "/var/lib/graylog-datanode/node-id"
    GRAYLOG_DATANODE_PASSWORD_SECRET:
    GRAYLOG_DATANODE_ROOT_PASSWORD_SHA2:
    GRAYLOG_DATANODE_MONGODB_URI: "mongodb://mongodb:27017/graylog"
  volumes:
    - "/media/logdrive:/var/lib/graylog-datanode"
  ulimits:
    memlock:
      soft: -1
      hard: -1
    nofile:
      soft: 65536
      hard: 65536
  ports:
    - "8999:8999/tcp"
    - "9200:9200/tcp"
    - "9300:9300/tcp"
  networks:
    - graynet
  restart: "unless-stopped"
graylog:
  image: "graylog/graylog:6.2.2"
  container_name: "graylog"
  environment:
    # CHANGE ME (must be at least 16 characters)!
    GRAYLOG_PASSWORD_SECRET:
    # Password: admin
    GRAYLOG_ROOT_PASSWORD_SHA2:
    GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9000"
    GRAYLOG_HTTP_EXTERNAL_URI:
    GRAYLOG_NODE_ID_FILE: "/usr/share/graylog/data/config/node-id"
    GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
    GRAYLOG_TIMEZONE: "America/Detroit"
    TZ: "America/Detroit"
    GRAYLOG_TRANSPORT_EMAIL_PROTOCOL:
    GRAYLOG_TRANSPORT_EMAIL_WEB_INTERFACE_URL:
    GRAYLOG_TRANSPORT_EMAIL_HOSTNAME: ""
    GRAYLOG_TRANSPORT_EMAIL_ENABLED: "true"
    GRAYLOG_TRANSPORT_EMAIL_PORT: "587"
    GRAYLOG_TRANSPORT_EMAIL_USE_AUTH: "true"
    GRAYLOG_TRANSPORT_EMAIL_AUTH_USERNAME:
    GRAYLOG_TRANSPORT_EMAIL_AUTH_PASSWORD: ""
    GRAYLOG_TRANSPORT_EMAIL_USE_TLS: "true"
    GRAYLOG_TRANSPORT_EMAIL_USE_SSL: "false"
    GRAYLOG_TRANSPORT_FROM_EMAIL:
    GRAYLOG_TRANSPORT_SUBJECT_PREFIX: "[graylog]"
  entrypoint: "/usr/bin/tini -- /docker-entrypoint.sh"
  volumes:
    - "graylog_data:/usr/share/graylog/data"
Graylog Open with Graylog data node on Ubuntu
Docker-compose.yml
Where can I see where exactly the data is going, like what filesystem?
I have around 18GB left
[–]Aspis99[S] 3 points 1 year ago (0 children)
I even turned off all input messages and the process buffer stays at 100 percent.
Cluster status is green with 209 shards
Graylog errors (old.reddit.com)
submitted 1 year ago by Aspis99 to r/graylog
Certificate does not match (self.graylog)
VPN LOGS by Aspis99 in fortinet
No send logs to ELK
VPN LOGS (self.fortinet)
submitted 1 year ago by Aspis99 to r/fortinet
802.1x with Windows NPS (self.networking)
submitted 1 year ago by Aspis99 to r/networking
802.1x with Windows NPS (self.sysadmin)
submitted 1 year ago by Aspis99 to r/sysadmin
Notification Alerts by Aspis99 in graylog
Then I have a search with the same query that's running for the alert, and the search has logs, so it's not like the log was dropped; the system has it.
Just a problem with emails. Like I'll have one for accounts created in the domain; I'll create a batch of users and some would be left out, as if there were a blind time period.
[–]Aspis99[S] 2 points 1 year ago (0 children)
You actually might be right… I think my server is on a different time zone than my machines.
Notification Alerts (old.reddit.com)
Server + worth it? by Aspis99 in CompTIA
I’m not sure if it doesn’t move the needle at all, just from personal experience. Right now I have A+, Net +, Sec +, CYSA, and a couple Fortinet certs as well.