I have enabled the threatintel plugins, register at otx and entered the api key. The graylog server has access to internet.
Now, when I run the test lookup against otx domain, I always get the same result.
the other threatintel plugin has error
I have used a copy of default trust store cacerts and used graylog jvm settings to point to the copy of the cacerts. I have also manually added the cert to default store, replaced the default store with its working copy however I still have the errors and no change in the outcome when testing.
I am using https://ransomwaretracker.abuse.ch/downloads/CW_C2_DOMBL.txt to test but so far all results are not coming.
any idea what might be the issue here.