Active Directory Auditing

RemyDePoorter · March 1, 2023, 7:25pm

Hello,
I’m new here. I would like to use Graylog 5.0 to audit Windows active directory and send a mail in case of threats.

So I have installed OpenSearch and NXLogs.

I would like to use this package: GitHub - reighnman/Graylog_Content_Pack_Active_Directory_Auditing
But I have an error when importing the json file

How can I solve this?

joe.gross · March 1, 2023, 7:29pm

Sorry to be the bearer of bad news, but it’s too old.

“Tested with nxLog/Windows 2008R2 Domain Controllers/Graylog 1.2”

Graylog 1.2 was EOL by 2016. There have been several major changes since then that could render these older content packs obsolete.

gsmith · March 1, 2023, 10:40pm

Perhaps try this see if it works, plus its newer then the one you have.

If not there are work-arounds you could do if you want to keep open version.

system · March 15, 2023, 10:40pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Active Directory Auditing (WinLogBeats) - Graylog 3.0.2+ Content Pack content-pack	1	7140	August 25, 2022
Active Directory Auditing (NXLOG) - Graylog 2.x Content Pack content-pack	0	3127	March 7, 2022
Active directory Logs Graylog Central (peer support)	2	361	November 14, 2023
How to Log Using Active Directory Auditing (WinLogBeat) Graylog Add-ons sidecar , winlogbeat	1	1161	December 25, 2020
New greylog references of the new version Graylog Central (peer support)	2	608	December 2, 2022