search

rahoulrdhopade / Sophos_Graylog_Extractor

JSON for Sophos Xg Home And Graylog
2 stars 1 forks source link

Cannot import Extractor #1

Closed kuroboshi closed 4 months ago

kuroboshi commented 6 months ago

Hello,

I have this message when i try to import the json :

Could not import content pack Error importing content pack, please ensure it is a valid JSON file. Check your Graylog logs for more information.
Unable to map property extractors. Known properties include: entities, rev, summary, vendor, inputs, lookup_tables, name, requires, url, outputs, streams, lookup_data_adapters, lookup_caches, _id, grok_patterns, description, category, dashboards, parameters, v, id Error Import Extraxtor

Graylog 5.2.4 on ubuntu 22.04

bmelim commented 4 months ago

you need to import it in the input extractors, paste the JSON content into the Import field.

kuroboshi commented 4 months ago

Thanks @bmelim it's working but now i have a issue when Graylog extract all numbers such as rule_id or ip_adress or src_ip

Exemple : dst_ip=8.8.8.8 image

It's work with another pattern : image