Graylog Sidecar

by Graylog Incv1.5.4

Last updated Jun 8, 2026

Manage log collectors through Graylog.

Install with winget

$ winget install --id GraylogInc.GraylogSidecar --exact --version 1.5.4

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Silent install command for Graylog Sidecar

Graylog Sidecar uses MSI. The silent install switches are /quiet /norestart.

One-line silent install (x64, user scope)

msiexec.exe /i graylog-sidecar-1.5.4-1.msi /quiet /norestart

See the full silent install reference for Graylog Sidecar →

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

The Graylog Sidecar is a supervisor process for 3rd party log collectors like NXLog and filebeat. The Sidecar program is able to fetch and validate configuration files from a Graylog server for various log collectors. You can think of it like a centralized configuration and process management system for your log collectors.

Installers · v1.5.4

Architecture	Type	Scope	Install	Download
x64	MSI	user		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

19 known CVEs via NVD

medium6.1Patched in wingetCVE-2026-1441affects v2.2.3Feb 18, 2026
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, a...
medium6.1Patched in wingetCVE-2026-1440affects v2.2.3Feb 18, 2026
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, a...
medium6.1Patched in wingetCVE-2026-1439affects v2.2.3Feb 18, 2026
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, a...
medium6.1Patched in wingetCVE-2026-1438affects v2.2.3Feb 18, 2026
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, a...
medium6.1Patched in wingetCVE-2026-1437affects v2.2.3Feb 18, 2026
Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include segments of the URL directly in the response without applying output encoding, a...
medium6.5Patched in wingetCVE-2026-1436affects v2.2.3Feb 18, 2026
Improper Access Control (IDOR) in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other user's profiles without proper authorization checks. Exploiting this vulnerability allows valid users of the system to be...
critical9.8Patched in wingetCVE-2026-1435affects v2.2.3Feb 18, 2026
Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued ses...
high8.8Patched in wingetCVE-2025-53106affects before 6.2.4Jul 2, 2025
Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user kno...
Patch

Showing 8 of 19. Source: NVD, updated 1h ago. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

Ente Authente
ente-io.auth-desktopv4.4.23
Open source 2FA authenticator, with end-to-end encrypted backups.
O
Ollama (Portable)Ollama
Ollama.Ollama.Portablev0.20.2
Start building with open models.
lnavTimothy Stack
tstack.lnavv0.14.1-rc1
The Logfile Navigator is a log file viewer for the terminal
butaneFedora Project
Fedora.CoreOS.butanev0.28.0
Butane translates human-readable Butane Configs into machine-readable Ignition Configs.
T
TrivyAqua Security Software
AquaSecurity.Trivyv0.71.0
Trivy is a comprehensive and versatile security scanner.
S
Secrets OPerationSMozilla
Mozilla.SOPSv3.7.3
Simple and flexible tool for managing secrets

More from Graylog Inc or browse beats, collector, configuration.

Frequently asked questions

How do I install Graylog Sidecar on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id GraylogInc.GraylogSidecar --exact --version 1.5.4. winget downloads the installer from Graylog Inc and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Graylog Sidecar silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id GraylogInc.GraylogSidecar --exact 1.5.4 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

What are the silent install switches for Graylog Sidecar?

Graylog Sidecar uses MSI. Run the downloaded installer with: msiexec.exe /i graylog-sidecar-1.5.4-1.msi /quiet /norestart. The silent switches are /quiet /norestart.

How do I uninstall Graylog Sidecar via winget?

Run: winget uninstall --id GraylogInc.GraylogSidecar --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Graylog Sidecar's Apps & Features entry.

Is Graylog Sidecar free?

Graylog Sidecar is distributed under SSPL v1.0. Refer to the publisher (https://github.com/Graylog2/collector-sidecar) for the full license terms - Wingetly itself does not charge for installation.

Does Graylog Sidecar work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Graylog Sidecar directly from the publisher.

How do I keep Graylog Sidecar up to date?

Run winget upgrade --id GraylogInc.GraylogSidecar --exact, or winget upgrade --all to update everything winget tracks. We index 4 versions of Graylog Sidecar from microsoft/winget-pkgs.

Recent versions

1.5.4latest
1.5.3
1.5.2
1.5.1