Alert Wizard plugin for Graylog 3.1

Hi, guys
I have a question about installing the Alert Wizard plugin for Graylog

Is this plugin specific to the Enterprise version of Graylog?
I went step by step with the link below and I didn’t get any error, but this plugin doesn’t activate for Graylog version 3.1

please guide me
thanks a lot

Hello,

What version of this plugin do you have installed with Graylog Version 3.1?

Hi, and thanks gsmith

I have graylog version
Graylog 3.1

I used these versions.

root@graylog-virtual-machine:/usr/share/graylog-server/plugin# ls
graylog-plugin-aggregation-count-1.2.2.jar  
graylog-plugin-collector-3.1.4.jar          
graylog-plugin-threatintel-3.1.4.jar
graylog-plugin-alert-wizard-3.0.0.jar       
graylog-plugin-correlation-count-1.2.0.jar
graylog-plugin-aws-3.1.4.jar                
graylog-plugin-logging-alert-1.2.0.jar

Hello

From what I read here && Here
I noticed the following under “results” below. I personally don’t use this plugin so I’m not 100% sure it will work, but I would think if its not working something should be in the logs.

Results:
using GL Node version 3.1
graylog-plugin-aggregation-count-1.2.2.jar <–OK
graylog-plugin-collector-3.1.4.jar
graylog-plugin-threatintel-3.1.4.jar
graylog-plugin-alert-wizard-3.0.0.jar <— 3.1 Upgrade

image

graylog-plugin-correlation-count-1.2.0.jar ← Ok
graylog-plugin-aws-3.1.4.jar
graylog-plugin-logging-alert-1.2.0.jar <— 1.3 upgrade

image

You can post to the person that created it either here or on GitHub.

hope that helps

Hello
thank you so much
I have upgraded both to the new version but the problem is still not solved.

By chance did you restart Graylog service? And check permissions on those plugins?

Hello,

As I said in Alert Wizard plugin for Graylog to manage the alert rules - #4 by frantz there is no Wizard version compatible with Graylog v3.1.
I would recommend you to upgrade Graylog to v4.2 and take the lastest Wizard version.
We’ll soon release a Wizard version compatible with Graylog 4.3.

To answer your first question it’s not related with Graylog Enterprise, it’s an open source plugin developped by Airbus CyberSecurity.
This plugin was initially developped because it was a pain to create a correlation rule in Graylog, first you had to create a Stream to filter logs (you couldn’t set a search query directly in the rule), then you had to create an event definition and finally a notification. Thanks to this plugin you can configure main things on one page and it creates everything in backend.
Nowadays Graylog has really been improved on these points and has its own wizard. But this plugin is still useful.

2 Likes

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.