Integrate Graylog SIEM with Zoho Vault Password Manager

Integrating Zoho Vault with Graylog

  1. Log in to Graylog account
  2. Navigate to the System menu and select Inputs.
  3. In the Search field, type Raw HTTP. The Raw HTTP input option will appear in the list.
  4. Select Raw HTTP to create a new input.
  5. To make this input available globally, check the Global checkbox.
  6. Configure TLS (Transport Layer Security) settings:
    1. Provide a valid TLS certificate file.
    2. Ensure that the TLS certificate is issued by a recognized Certificate Authority (self-signed certificates are not supported). Connections from Zoho Vault will be rejected if an invalid certificate is used.

  7. Configure the Authorization Header:

    1. Set Authorization Header Name to Authorization.

    2. Enter a string of your choice for Authorization Header Value. This value will be used later when configuring the Zoho Vault integration.

Configuring GrayLog details in Zoho Vault  

  1. Open your Zoho Vault account and navigate to the Graylog Integration settings.
  2. Enter the hostname of the Graylog server where the input was created.
  3. Enter the Port that was configured in Graylog while setting up the Raw HTTP input.
  4. For the Token, provide the Authorization Header Value that was configured in Graylog. This ensures that Zoho Vault can send logs securely to the correct Graylog input.

Accessing Zoho Vault logs from GrayLog 

  1. Log in to your Graylog account.
  2. Navigate to the Search tab.
  3. Use the search functionality to view and analyze logs received from Zoho Vault. These logs will appear in real-time, allowing you to monitor events, track access, and identify potential security incidents.