Hi I am using a single node graylog (AMI) in aws ec2. I was able to setup the cloud-trail logs into graylog and Trying to setup a new stream call (“Un_Authorized”) and filtered with “event_name:AuthorizeSecurityGroupIngress”
Now In my new stream messages are coming properly. Hence for any secutiy group change I wanted an http alert and created a new notification as well with a http url.
Now I tried to create a new Even in the alert’s tab with the following info, When I tried to create any SG group it is showing the message in filter preview but still I Dont get any alert either in dashboard or in my http call back url (I Used requestbint to test)
