Integration with graylog

[Yugnk]

Can I integrate graylog alerts into Iris? Graylog has Custom HTTP Notification, but it asks for API Secret, I was unable to integrate it.

[migr19]

If you are able to send the alert data in this structure https://docs.dfir-iris.org/_static/iris_api_reference_v2.0.2.html#tag/Alerts/operation/post-case-add-alert API Secret (User API Key) you find at the user configuration:

[Yugnk]

In the url I put https:///alerts/add/ API KEY I added the API KEY that is in my IRIS profile, but it asks for the API Secret. I don't know if there is another way to configure this notification alert integration. Or if someone has already done the configuration.

[migr19]

Have you tried to add 1111 for API Secret? You can check how the Web Request is build , if you send it to a dummy webserver, which logs every request and check if everything is in the right format headers and post payload.

[jrunu]

API Key and API Secret are optional fields. You can leave them empty. Add "Authorization: Bearer $token " in the Headers field, replacing $token with the value of the API token for the user you want to use.

[gbyx3]

API Key and API Secret are optional fields. You can leave them empty. Add "Authorization: Bearer $token " in the Headers field, replacing $token with the value of the API token for the user you want to use.

This is what I did as well, worked like a charm.