QuickValue Widget Improvements:
- Stack data with another field, such as a source address, to get a new result set with all destination addresses for that field. This is a top method for threat hunting!
- Sort the result set based on the field value or count, which is useful if you want to find the most common or uncommon values.
- Build a chart of a result set over time to detect important changes or past outliers.
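
The three operations listed above, sketched in Python over constructed flow records. This is an added example, not Graylog's code; the field names `src`, `dst` and `timestamp` and the helper names are assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample flow records (documentation address ranges).
RECORDS = [
    {"timestamp": "2024-01-10T09:01:00", "src": "10.0.0.5", "dst": "192.0.2.10"},
    {"timestamp": "2024-01-10T09:15:00", "src": "10.0.0.5", "dst": "192.0.2.10"},
    {"timestamp": "2024-01-10T09:40:00", "src": "10.0.0.6", "dst": "192.0.2.10"},
    {"timestamp": "2024-01-10T10:05:00", "src": "10.0.0.5", "dst": "192.0.2.10"},
    {"timestamp": "2024-01-10T10:30:00", "src": "10.0.0.6", "dst": "192.0.2.10"},
    {"timestamp": "2024-01-10T11:02:00", "src": "10.0.0.5", "dst": "203.0.113.77"},
    {"timestamp": "2024-01-10T11:03:00", "src": "10.0.0.5", "dst": "192.0.2.10"},
    {"timestamp": "2024-01-10T11:20:00", "src": "10.0.0.5", "dst": "192.0.2.10"},
]

def stack(records, top_field, stacked_field):
    """Stack: count stacked_field values inside each top_field value."""
    stacks = defaultdict(Counter)
    for rec in records:
        stacks[rec[top_field]][rec[stacked_field]] += 1
    return stacks

def sort_values(counter, by="count", descending=True):
    """Sort (value, count) pairs by count or by field value."""
    if by == "count":
        key = lambda kv: (kv[1], kv[0])  # tie-break on value for stable output
    else:
        key = lambda kv: kv[0]
    return sorted(counter.items(), key=key, reverse=descending)

def over_time(records, field, value, bucket="%Y-%m-%dT%H"):
    """Count records where field == value per time bucket (hourly by default)."""
    hist = Counter()
    for rec in records:
        if rec[field] == value:
            ts = datetime.fromisoformat(rec["timestamp"])
            hist[ts.strftime(bucket)] += 1
    return dict(sorted(hist.items()))

if __name__ == "__main__":
    stacks = stack(RECORDS, "src", "dst")
    for src, dsts in sorted(stacks.items()):
        # Ascending count puts the least common destinations first.
        print(src, sort_values(dsts, by="count", descending=False))
    print(over_time(RECORDS, "src", "10.0.0.5"))
```

Sorting ascending by count surfaces the destination a source contacted only once, and the hourly buckets show when that source's volume changed.
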
We have also moved four plugins from Graylog Labs into Core: AWS, Threat Intelligence, NetFlow, and CEF.