Active Directory Auditing

I’m new here. I would like to use Graylog 5.0 to audit Windows active directory and send a mail in case of threats.

So I have installed OpenSearch and NXLogs.

I would like to use this package: GitHub - reighnman/Graylog_Content_Pack_Active_Directory_Auditing
But I have an error when importing the json file

How can I solve this?

Sorry to be the bearer of bad news, but it’s too old.

“Tested with nxLog/Windows 2008R2 Domain Controllers/Graylog 1.2”

Graylog 1.2 was EOL by 2016. There have been several major changes since then that could render these older content packs obsolete.

Hey @RemyDePoorter

Perhaps try this see if it works, plus its newer then the one you have.

If not there are work-arounds you could do if you want to keep open version.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.