Hey All I’m trying to get the Open Threat Exchange - Threat intel plugin working on a graylog instance in my lab. I have installed the Content pack and added a a pipeline to a Squid Proxy stream to try to get some basic threat analysis on the field “_server_ip” … but it will not add fields to the s…

Threat Intelligence Plugin Help

dscryber (David Sciuto) Split this topic May 27, 2021, 2:13pm 2

2 posts were merged into an existing topic: About the Daily Challenges category

Topic		Replies	Views
Trying to get the Open Threat Exchange - Threat intel plugin working on a Graylog Graylog Central (peer support) pipeline-rules	10	1312	June 25, 2021
Threat Intel Setup Graylog Central (peer support)	6	851	June 6, 2022
Not able to understand Threat Intelligence plugin Graylog Central (peer support) pipeline-rules	4	2323	May 16, 2018
Graylog Threat Intel Plugin Results - Stuck in Tail cave Graylog Central (peer support) pipeline-rules	6	1718	June 29, 2020
Create a new pipeline for Threat Intel Graylog Central (peer support) pipeline-rules	3	468	July 20, 2022