Graylog🔓 Cybersecurity

How Graylog Enriches Log Data with IPinfo for a Seamless Customer Experience

The launch of a new product created a new need for Graylog. See how they solved it with IPinfo’s Geolocation API.

📈 Market position

About Graylog

Graylog is a leading centralized log management company that offers solutions for their clients’ security, application, and IT infrastructure questions. The software they offer can be deployed by customers themselves and enables them to combine, enrich, correlate, query, and visualize all of their log data in one place. Last year the company decided to launch on the Cloud, meaning they now offer a fully managed Graylog environment that ensures their customers’ logs are always up to date, monitored, and running the way they should be.

  • twitter
  • linkedin
  • website
  • Client
    Lennart Koopmann
  • Customer Since
    March 2020
  • Company
  • APIs used
🤔 The problem

How do you automatically enrich log data in a cloud environment?

Following the changes, Graylog realized they had an opportunity to further enrich their customers’ data. The company knew that anyone who had IP addresses reported somewhere in their logs also had a real desire to translate that information into a physical location, whether it be as specific as exact coordinates or simply a city name. Pinpointing location proved especially important for security use cases and Graylog set out to find a partner who could provide that information for their customers.

We’ve seen over the past few years that more and more people are interested in running something like Graylog in the cloud. They were specifically looking for a cloud service, something they could sign up to, get a web interface, and get everything they need without needing to put extra effort into running and scaling it.

Lennart Koopmann
Founder/CTO, Graylog
⏳ The process

Finding the right partner

Another thing that stood out to the team at Graylog? How fast IPinfo was able to complete the implementation of its ASN and Geolocation APIs and start enriching their data in real time. After a short testing period, the solution was ready to go and now updates daily.

I think the first thing that we noticed was that it was really easy to do business [with IPinfo]. It was immediately a company we could talk to who really understood our problem, understood what we needed, and immediately understood our level and how technical we are so we wasted no time. It was an incredibly easy process.

Lennart Koopmann
Founder/CTO, Graylog
🔬 The solution

Meaningful location data powered by IPinfo

With their clients in mind, Graylog went to the market to research what kind of IP geolocation databases were available. IPinfo was a name that kept coming up for Founder and CTO Lennart Koopman. He quickly reached out to the team at IPinfo and realized they would be a great fit.

IPinfo allowed us to download all the information in one database file that would live locally on our server. That meant we wouldn’t introduce any issues with latency or connections because we have people who send us hundreds of thousands of logs per second. We can’t ask their API every single time. We need that file that we can cache and access very rapidly. And that was the perfect combination for us.

Lennart Koopmann
Founder/CTO, Graylog
🎉 The result

Graylog’s clients are enjoying enriched data in the Cloud

With the IPinfo integration, Graylog can now:

  • Offer their Cloud customers location data for all IPv4 and IPv6 addresses in their logs
  • Reduce the manual work of accessing individual databases
  • Eliminate data latency issues with daily updates

To top it off, IPinfo works so well with Graylog’s existing tech stack that there was almost no change for them on the back end. Once the implementation was complete, their customers’ logs were automatically updated with location data thanks to IPinfo’s API.

Our customers know what an IP lookup is, and they say, ‘It’s awesome that we get Graylog Cloud and it’s just there and it’s so fast that we don’t have to think about it.

Lennart Koopmann
Founder/CTO, Graylog

Related Customer Stories

  • Greynoise
    🔓 Cybersecurity

    Since using IPinfo, GreyNoise has become recognized as the go-to Anti-Threat Intelligence source.

  • CFC
    💰 insurance

    CFC uses IP address data to build the insurance of the future, develop threat intelligence, and manage risks.

Get started with IPinfo