I’m putting this on the add-ons section because I think it’s related to the Threat Intel plugin.
Even though graylog’s VMs are allowed to query the whois addresses, I keep getting
Could not lookup WHOIS information for error everywhere. But it’s just that, no details about why graylog wasn’t able to perform the loopkup…
Is there a way to get more info? Like, if we’re getting rate limited (as mentioned on Threatintel WHOIS - 50% of country code’s and organizations are “N/A”) or anything else?
And yeah, sorry, I just remembered that I had another similar topic - Graylog WHOIS errors, but that also didn’t solve the problem =( I know, now, that my servers can reach the whois destinations attempted. But there’s still no info on why it failed.