Hi Julius, there's currently no official integration of TAXII with Graylog. I guess you would need to write a custom plugin for integrating TAXII or other IoC feeds and check against them.
Cheers, Jochen On Monday, 29 August 2016 03:25:26 UTC+2, juliusb...@gmail.com wrote: > > graylog newbie here...so forgive me if this is covered elsewhere. > > is anyone using graylog to monitor against IOC lists? in particular i'm > interested in integrating stix/taxii feeds such as the open source > hailataxii feed to identify threats in my log data. not preferred, but i'm > also open to manually (or by script) uploaded IOC data into lists/databases > against which my log data would be evaluated/reported. any info on how to > do this would be greatly appreciated. > > thanks, > j. > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a6717e32-90a8-4486-8b7b-80d4b206355a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
