Hello Guys, after installing the latest version of Graylog. My lookup Tables work perfectly fine but i discovered there are some more lookup tables integrated into Graylog 2.4 by default. For example:
abuse.ch Ransomware IP
abuse.ch Ransomware Domains
Open Thread Exchange (OTX) - IP AND SOME MORE…
I went to System > Configurations to enable the configurations for the plugins:
How do i know if it works perfectly. I went to the Data Adapter for the abuse.ch Ransomware IP to test for a known ransomware IP but it didnt work. What exactly is the key value that would be input into the field to get the Value?