lmuir
September 2, 2019, 7:15am
1
Hello,
I’ve been searching for a while, but has anyone managed to work out the missing bits in the rules and the stage order in this blog post -
https://www.graylog.org/post/back-to-basics-enhance-windows-security-with-sysmon-and-graylog
Cheers,
Lachlan.
jan
(Jan Doberstein)
September 2, 2019, 8:28am
2
Hey @lmuir
Sorry that we missed that. It will be fixed in the next hours.
lmuir
September 2, 2019, 9:12am
3
That’s awesome, thanks for such a quick answer!
lmuir
September 3, 2019, 8:09am
4
Hello,
I checked again today and there appears to be no change in the article.
Cheers,
Lachlan.
petegriggs
(Peter Griggs)
September 6, 2019, 8:29pm
5
I’m stuck too! I have the sysmon logs coming in but I'm not sure on the pipeline. Also, the dashboard won’t install; when I add the content pack I get a post error: Installing content pack failed with status: Error: cannot POST http://x.x.x.x:9000/api/system/content_packs/a33f6f3e-b4a2-4ddd-8cf6-eefbd271bfb9/0/installations (500). Could not install content pack with ID: a33f6f3e-b4a2-4ddd-8cf6-eefbd271bfb9
Any ideas?
jan
(Jan Doberstein)
September 9, 2019, 7:16am
6
Hey @petegriggs
The content pack was created for Graylog V2.x - that will not work in Graylog 3.x.
We are currently re-working the article to match Graylog Version 3.x
petegriggs
(Peter Griggs)
September 10, 2019, 1:13pm
7
Hi Jan.
Thanks for this. Any idea when it will drop or if there is a way of exporting a Graylog V2 dashboard into 3.?
Thanks
Peter.
jan
(Jan Doberstein)
September 10, 2019, 1:22pm
8
No sorry - I can’t predict a time my colleagues will have that finished.
You do not have the option to import the old into the new system.