Https://www.graylog.org/post/back-to-basics-enhance-windows-security-with-sysmon-and-graylog

Hello,
I’ve been searching for a while, but has anyone managed to work out the missing bits in the rules and the stage order in this blog post -
https://www.graylog.org/post/back-to-basics-enhance-windows-security-with-sysmon-and-graylog

Cheers,
Lachlan.

Hey @lmuir

Sorry that we missed that. It will be fixed in the next hours.


That’s awesome, thanks for such a quick answer!

Hello,
I checked again today and there appears to be no change in the article.

Cheers,
Lachlan.

I’m stuck too! I have the Sysmon logs coming in but I'm not sure on the pipeline. Also, the dashboard won’t install: when I add the content pack I get a POST error: Installing content pack failed with status: Error: cannot POST http://x.x.x.x:9000/api/system/content_packs/a33f6f3e-b4a2-4ddd-8cf6-eefbd271bfb9/0/installations (500). Could not install content pack with ID: a33f6f3e-b4a2-4ddd-8cf6-eefbd271bfb9

Any ideas?

Hey @petegriggs

The content pack was created for Graylog V2.x - that will not work in Graylog 3.x.

We are currently re-working the article to match Graylog Version 3.x.

Hi Jan.

Thanks for this. Any idea when it will drop or if there is a way of exporting a Graylog V2 dashboard into 3.?

Thanks
Peter.

No, sorry - I can’t predict a time my colleagues will have that finished.

You do not have the option to import the old into the new system.
