Hello Team,
Could you please help me on how to test threat intelligence is working or not. I have configured every thing based on the below link, but i am not getting througput value or error value.
is it possible to get an email alert when threat Intelligence OTX IP is malicious. I am using opensource tool Graylog 3.0 version.
he @plokesh1
you need to check if the used parts of the plugin are working or not. My advice is not to activate blind all parts and wait for magic to be happen.
The whois lookup need access to the whois servers AND the traffic might get ratelimited when you ask them to much. Some services need a payed subscription.
In addition what have you done exactly and how did you applied the rules to be run on your ingested mesages?
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
