Graylog 6.3 introduces several enhancements aimed at improving data management, security operations, and authentication processes.
-
Google Cloud Storage (GCS) Integration: Graylog now supports Google Cloud Storage (GCS) as a backend for Data Lakes and Warm Tier repositories.
-
Enhanced Detection Chain Management: You can now add all events from a Detection Chain as evidence to an investigation.
-
Event Procedures: Event Procedures have been introduced to guide you through predefined response actions directly within the Graylog interface. These procedures can include steps like running search queries, sending notifications, or navigating to dashboards, ensuring consistent and efficient incident responses.
In Graylog 6.3, Event Procedures has been released as an early access feature for evaluation and feedback purposes, so its design and behavior may change significantly in future releases. To share feedback on your experience with Event Procedures, email feedback@graylog.com. -
SAML Authentication Service: A new SAML authentication service has been added, enabling organizations to integrate Graylog with their existing Single Sign-On (SSO) solutions.
For a complete list of updates and fixes in Graylog 6.3, please refer to the core Graylog changelog or the Graylog Enterprise changelog.
