Hey All I’m trying to get the Open Threat Exchange - Threat intel plugin working on a graylog instance in my lab. I have installed the Content pack and added a a pipeline to a Squid Proxy stream to try to get some basic threat analysis on the field “_server_ip” … but it will not add fields to the s…

Threat Intelligence Plugin Help

dscryber (David Sciuto) Split this topic May 27, 2021, 2:13pm 2

2 posts were merged into an existing topic: About the Daily Challenges category

Topic		Replies	Views
Trying to get the Open Threat Exchange - Threat intel plugin working on a Graylog Graylog Central (peer support) pipeline-rules	10	1239	June 25, 2021
Not able to understand Threat Intelligence plugin Graylog Central (peer support) pipeline-rules	4	2266	May 16, 2018
Graylog Threat Intel Plugin Results - Stuck in Tail cave Graylog Central (peer support) pipeline-rules	6	1648	June 29, 2020
Create a new pipeline for Threat Intel Graylog Central (peer support) pipeline-rules	3	424	July 20, 2022
Threat Plugin output issues Graylog Central (peer support)	1	437	March 29, 2018