Open Yugnk opened 2 months ago
If you are able to send the alert data in this structure https://docs.dfir-iris.org/_static/iris_api_reference_v2.0.2.html#tag/Alerts/operation/post-case-add-alert API Secret (User API Key) you find at the user configuration:
In the url I put https://
Have you tried to add 1111 for API Secret? You can check how the Web Request is build , if you send it to a dummy webserver, which logs every request and check if everything is in the right format headers and post payload.
API Key and API Secret are optional fields. You can leave them empty. Add "Authorization: Bearer $token " in the Headers field, replacing $token with the value of the API token for the user you want to use.
API Key and API Secret are optional fields. You can leave them empty. Add "Authorization: Bearer $token " in the Headers field, replacing $token with the value of the API token for the user you want to use.
This is what I did as well, worked like a charm.
Can I integrate graylog alerts into Iris? Graylog has Custom HTTP Notification, but it asks for API Secret, I was unable to integrate it.