Lookup Table Configuration - Graylog 2.4

haywhai · February 22, 2018, 10:08am

Hello Guys, after installing the latest version of Graylog. My lookup Tables work perfectly fine but i discovered there are some more lookup tables integrated into Graylog 2.4 by default. For example:

abuse.ch Ransomware IP
abuse.ch Ransomware Domains
Open Thread Exchange (OTX) - IP AND SOME MORE…

I went to System > Configurations to enable the configurations for the plugins:

How do i know if it works perfectly. I went to the Data Adapter for the abuse.ch Ransomware IP to test for a known ransomware IP but it didnt work. What exactly is the key value that would be input into the field to get the Value?

system · March 8, 2018, 10:08am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
2021-12-09 09:05:40,063 WARN : org.graylog2.lookup.LookupTableService - Lookup table <abuse-ch-ransomware-ip> does not exist Graylog Central (peer support) basic-configuration	6	1451	December 25, 2021
Garylog 3.1 lookup tables Graylog Central (peer support)	3	506	September 10, 2019
Threat Intelligence Lookups Supported by Graylog Graylog Central (peer support)	7	1532	October 4, 2022
Graylog 4 Integration with Threat intel plugin Graylog Central (peer support)	8	2354	November 23, 2021
Graylog Rules and Pipeline not working Graylog Central (peer support) pipeline-rules	1	571	April 26, 2018

Lookup Table Configuration - Graylog 2.4

Related topics