I forgot to post it when I got finished.
Will reply to the group in the morning.
Sent from my iPhone
> On Jan 22, 2017, at 6:21 PM, Wil Hutchins wrote:
>
> How did you guys go with getting Exchange 2013 info into Graylog?
>
>> On Saturday, 21 May 2016 11:56:27 UTC+10,
Have you tried powershell? As I recallthere's a Get-Auditlog cmdletmy
syntax may be off. But...if you could grab it that way, even in a scheduled
task...you could use export-csv syntax to get it to output
I can turn it in at my office and figure it outwhat info do you want out of
GL2 is an incredible tool...and I'm learning more and more each day.
I've been through the docs and ask through the groups here...great info.
Just a questionthe more rules I build, the more I wonder what I'm missing
Ate there any good places to go for rules creation? I work on Windows
How did you guys go with getting Exchange 2013 info into Graylog?
On Saturday, 21 May 2016 11:56:27 UTC+10, Dustin Tennill wrote:
>
> That sounds pretty interesting, and I would like to help.
>
> I was planning on trying to get a script together that would send message
> tracking logs into
Le dimanche 22 janvier 2017 21:50:02 UTC, jony a écrit :
>
> i would like to connect many servers to graylog through tcp ,so i guess i
> need a new input for each server ,and a different port number for each one
> ,right ?
>
> Le dimanche 22 janvier 2017 16:39:35 UTC, Jochen Schalanda a écrit
i would like to connect many servers to graylog through tcp ,so i guess i
need a new input for each server ,and a different port number for each one
,right ?
Le dimanche 22 janvier 2017 16:39:35 UTC, Jochen Schalanda a écrit :
>
> Hi,
>
> On Sunday, 22 January 2017 14:06:40 UTC+1, jony wrote:
Hi,
On Sunday, 22 January 2017 14:06:40 UTC+1, jony wrote:
>
> i think it is text based but can you confirm that to me ,here's a link of
> the detailed log format : https://kb.cyberoam.com/default.asp?id=1808
>
This looks relatively easy to parse with extractors or the message
processing
Hi Jochen,
After swittching the receiver to 1514, and a reboot, the server is
receiving messages now. However, when I change the user back to "graylog",
and restart, after about 1 minute, it crashes with 1000's of errors.
Swithing back to root fixes it. I think I should reload the server and
Hi Jochen,
Understand about the security implications. Thank you for pointing out ;)
On the receipt issue, yes, I'm sure there is not a network issue, on the
graylog server I'm receiving the packet. It's just not showing up in
Graylog:
[root@server]# tcpdump -nnvvi ens32 port 514
tcpdump:
thanks a lot Jochen ,the best (y) ,
i think it is text based but can you confirm that to me ,here's a link of
the detailed log format : https://kb.cyberoam.com/default.asp?id=1808
For the port number ;let's say i have 30 inputs all using tcp ,if i choose
for each one a different port number
Hi,
On Saturday, 21 January 2017 23:00:58 UTC+1, jony wrote:
>
> Can someone please help me. I've tried different types of input in the
> list but none of them seems to enable the connection ,and my input fails .
>
If the format is text-based, you can use a Raw/Plaintext UDP or TCP input
and
Hi Brandon,
thanks for sharing!
Cheers,
Jochen
On Sunday, 22 January 2017 09:59:13 UTC+1, BKeep wrote:
>
> I have been working on this for a little while and wanted to share what I
> have so far. I created a SaltStack formula for deploying Graylog. I also
> created supporting formulas for
On Sunday, 22 January 2017 12:54:20 UTC+1, Jochen Schalanda wrote:
>
> On Sunday, 22 January 2017 06:19:21 UTC+1, JayJay wrote:
>>
>> Changed user to root, restarted server, and the input is starting ok now.
>>
>>
>
> From a security perspective, that's a very bad idea and I'd recommend to
>
Hi Jason,
On Sunday, 22 January 2017 06:19:21 UTC+1, JayJay wrote:
>
> Changed user to root, restarted server, and the input is starting ok now.
>
>From a security perspective, that's a very bad idea and I'd recommend to
use one of the other mechanisms described in the
documentation:
I have been working on this for a little while and wanted to share what I
have so far. I created a SaltStack formula for deploying Graylog. I also
created supporting formulas for Elasticsearch and MongoDB that support a
Graylog install, which are linked form the README.
If anyone is using Salt
15 matches
Mail list logo