Hi Julius, there's currently no official integration of TAXII with Graylog. I guess you would need to write a custom plugin for integrating TAXII or other IoC feeds and check against them.
Cheers, Jochen On Monday, 29 August 2016 03:25:26 UTC+2, [email protected] wrote: > > graylog newbie here...so forgive me if this is covered elsewhere. > > is anyone using graylog to monitor against IOC lists? in particular i'm > interested in integrating stix/taxii feeds such as the open source > hailataxii feed to identify threats in my log data. not preferred, but i'm > also open to manually (or by script) uploaded IOC data into lists/databases > against which my log data would be evaluated/reported. any info on how to > do this would be greatly appreciated. > > thanks, > j. > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a6717e32-90a8-4486-8b7b-80d4b206355a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
