I configured the threat intelligence following the guide below:
Q1: I can see extra fields are added as expected, but can everyone suggest a way for me to validate it is working properly?
Q2: I assume the v3.x version require no further configuration beyond those listed in the links above. If I am not wrong, do the intelligence sources update automatically? Or how can I check which sources they are using now?
Graylog Version: 3.2.4
Installed via Ubuntu package