socfortress / CoPilot

SOCFortress CoPilot
https://www.socfortress.co
GNU Affero General Public License v3.0

Graylog Adapter missing files #182

Closed deey001 closed 7 months ago

deey001 commented 7 months ago

/etc/graylog/network_ports.csv "The path to the CSV file. The file does not exist."

/etc/graylog/software_vendors.csv "The path to the CSV file. The file does not exist."

/etc/graylog/nist_800_53_to_cui.csv "The path to the CSV file. The file does not exist."

Unable to signup for an API key for https://intel.socfortress.co/search?value=${key}

taylorwalton commented 7 months ago

Hey @deey001 thanks for installing the content pack.

You're correct with the CSV files, you need to manually create these files on your Graylog server under /etc/graylog/**CSV FILE**

Here is an example blog post from Graylog: https://graylog.org/post/how-to-use-graylog-lookup-tables/

Currently our Threat Intel API is not available for public sign up, but we are currently working on it 👍

Best Regards, Taylor