While this episode focused on using Graylog as a central logging platform, both @Jay and Tom brought up a number of useful tips for Linux Homelab practitioners.
A couple that stood out for me were:
Use Containers, plus AutoFS to mount remote volumes on your NAS for large datasets
Logging traffic from hardware like UniFi Switches and Routers
Threat detection IPs from Alien Ware free account, I think he said (need to re-watch)
So, now I’ll have to spin up a VM / CT just to see how Graylog works.
Well, I managed to get Graylog running, but then realized I installed it from a repository that was two minor revisions behind … So, I had to re-pull the repo, re-update (nothing like doing things twice ey) my server config, and it’s back up and running. Now I just have to learn how to build dashboards.
I can say, the Graylog Docs are extensive, and if you “follow the yellow brick road”, you should end up with a working product. Just make sure you’re on the latest revision - should be 4.1.2 or later at the time of this writing.