Take a look at the streams section for your alerts. You can setup criteria based off a number of factors such as what type of log and then set conditions on when to alert via email.
On Tuesday, August 16, 2016 at 11:32:24 AM UTC-4, NoRearView wrote: > > Hello! > > I'm currently working on getting our infrastructure up to date for a > (voluntary) HIPAA audit. One area I need to improve is our logging > capabilities. My end goal is to have a centralized location for my log > files and also be notified of any failed login attempts or firewall alerts. > A secondary goal will be to alert our developers of any errors in our logs > related to our application and also alert if a log file is not being > updated. > > I am running the Graylog virtual appliance that I downloaded and have our > firewall and a few of the servers sending logs currently. > > Will Graylog allow me to accomplish my goals? Is there any documentation > or information on achieving HIPAA compliance while using Graylog? It sounds > like it can be done, but I'm new to getting this set up properly. > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/5e9c66a8-e054-4681-b25a-175b3453d05d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
