vCenter/ESXi Log Source - Build a pipeline rule to detect attacks based on blacklisted URLs

We collect all blacklisted URLs that can be used to attack a vCenter/ESXi server from a remote address.
If we push logs to a centralized system like Graylog, we can immediately detect attacks on the system.
GitHub link:

The SOC team can also monitor this through the dashboard.
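
The matching step behind such a rule, as an added example in Python (not the code from the linked repository and not Graylog pipeline syntax): each requested URL is normalized before the blacklist lookup so that encoded, padded or mixed-case variants of a listed path still raise an alert. The log layout, the sample lines and the blacklist entries are constructed placeholders, and case-insensitive matching is an assumption.

```python
import posixpath
import re
from urllib.parse import unquote

# Placeholder entries (assumption): stand-ins for the real blacklist, stored lowercase.
BLACKLIST = {"/placeholder/blocked-endpoint-a", "/placeholder/blocked-endpoint-b"}

# Constructed log layout (assumption): "<timestamp> <host> <src_ip> <METHOD> <url> <status>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)

# Constructed sample lines, not real vCenter/ESXi output.
SAMPLE_LOGS = [
    "2024-01-01T10:00:00Z vcenter01 198.51.100.7 GET /placeholder/normal-page 200",
    "2024-01-01T10:00:05Z vcenter01 203.0.113.9 POST /placeholder/blocked-endpoint-a 404",
    "2024-01-01T10:00:09Z esxi02 203.0.113.9 GET /Placeholder//x/%2e%2e/blocked-endpoint-b?id=1 200",
    "malformed line",
]


def normalize_path(url: str) -> str:
    """Reduce a requested URL to a canonical lowercase path before matching."""
    path = url.split("?", 1)[0].split("#", 1)[0]  # drop query string and fragment
    for _ in range(2):  # decode twice so double-encoded input is handled
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = re.sub(r"/+", "/", path)  # collapse repeated slashes
    path = posixpath.normpath(path)  # resolve "." and ".." segments
    return path.lower()  # assumption: blacklist matching is case-insensitive


def detect(lines, blacklist=BLACKLIST):
    """Return one alert dict per parsed log line whose normalized path is blacklisted."""
    alerts = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparsed lines are skipped here; count them in production
        path = normalize_path(m["url"])
        if path in blacklist:
            alerts.append({"src": m["src"], "host": m["host"],
                           "path": path, "status": int(m["status"])})
    return alerts
```

Keeping the response status in each alert lets the dashboard separate probes that were rejected from requests the server actually answered.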