OTX domain lookup requested but OTX is not enabled in configuration. Please enable it first


(João Ciocca) #1

Basically, that’s it. I’m getting this error on graylog’s internal log and have no idea how to solve it - Google gives me the first entry as the ThreatIntel plugin github

https://github.com/graylog-labs/graylog-plugin-threatintel/blob/master/src/main/java/org/graylog/plugins/threatintel/providers/otx/OTXLookupProvider.java

and the rest are two Cisco results, an OpenDNS, and other unrelated stuff.

I remember installing the ThreatIntel plugin, because @ionstorm’s Syslog threat intel pipeline uses it, but this error didn’t used to appear… and I think it started right after applying the omnibus to 2.2.3-2, from 2.2.3-1 OVA.


(Jan Doberstein) #2

You need to get an API key and add this to the configuration in the webinterface


(João Ciocca) #3

Got it! =D Thanks @jan


(system) #4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.