Integration and Extension

After the Graylog service is up and running, you may discover opportunities to enhance its functionality to meet the unique needs of your environment. To meet this challenge, Graylog provides tools both to extend the application’s reach and usefulness as well as to integrate with other tools you might already be using.

This article provides a basic overview of the methods used for integration and extension.

Prerequisites

Before proceeding, ensure that the following prerequisites are met:

  • You must have appropriate permissions to access the Graylog REST API.

  • It is generally required that you are an administrator of the application that requires configuration and/or that you have access credentials to third-party components in your environment, as necessary.

  • Basic knowledge of development and coding practices is a necessity.

Graylog REST API

The Graylog REST API provides programmatic access to Graylog for automating functions or for integrating with other systems. You can use the API to integrate with third-party systems such as:

  • Ticketing or support systems

  • Third-party monitoring or notification platforms

The REST API also allows you to perform any actions that you can perform through the Graylog web interface. You can automate operations that you frequently repeat, such as:

  • New user or team creation

  • System or network monitoring tasks

  • Information gathering and report generation

For information about accessing and using the Graylog REST API, see REST API.

Plugins

The Graylog plugins integration allows you to extend and customize the application beyond what we offer on basic installation. You can add functionality to your environment in a myriad of ways as needed.

Hint: Plugins are created by writing Java code and rely on additional developer tools. As such, the process requires a level of development proficiency. Graylog does not provide support for plugins, plugin development, or troubleshooting plugin errors or inefficiencies. See Plugins for complete details.

The plugin API lets you build extensions in categories such as:

  • Inputs: Add an input for a log source that Graylog does not support.

  • Services: Create services that run at startup to perform operations throughout your application.

  • Processors: Transform incoming log messages or drop them altogether based on custom criteria.

  • Authentication: Implement custom authentication schemes such as single sign-on (SSO) or two-factor authentication (2FA).

See Plugins for additional types of integrations and the process for writing your own plugins.

Hint: Some plugins may overlap with Graylog functionality. Before building a custom plugin, make sure that the functionality you need does not exist in the product out of the box.