hi everyone i’am working with mhn (modern honeypot network) and i’am trying to integrate graylog with it but i don’t know how, i am wondering if you could help me please
I do not know mhn - maybe you can be a little more verbose. Include some links and with that it might be possible to help or guide with some kind of integration
thanks for relying me
in this link mhn you will find more details about the projet and his aim
it looks like logging CEF is possible ( https://github.com/threatstream/mhn#arcsight ) so you need a log collector that ships this file to Graylog.
That could be filebeat that reads the file and ships the content to graylog via a filebeat input.
i have a log file can i simply importe it to gray log or i have to do some operations
There is no log “upload” function. As Jan said, you’d have to use filebeat. Or you’d have to set up something like a netcat listener, send the existing log as raw input, and have an extractor to pull out the content.