Graylog Plugin Threatintel Versions

Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

0.10.0

7 years ago

Compatible and tested with Graylog 2.2.1

Note: The RPM package has to be installed with the following command:

# rpm -i --ignoreos graylog-plugin-threatintel-0.10.0-1.noarch.rpm

0.9.2

7 years ago

  • Don't bundle unnecessary Java classes (reducing plugin size)
  • Compatible with Graylog 2.1.3

0.9.1

7 years ago

Release is broken. Do not use!

Tested with and built for Graylog v2.1.3.

0.9.0

7 years ago

Tested with and built for Graylog v2.1.2.

Changes

  • New function: whois_lookup_ip(ip_address) : WhoisIpLookupResult

0.8.0

7 years ago

Tested with and built for Graylog v2.1.2.

Changes

  • New function: threat_intel_lookup_ip(ip_address) : GlobalLookupResult
  • New function: threat_intel_lookup_domain(domain_name) : GlobalLookupResult

0.7.0

7 years ago

Tested with and built for Graylog v2.1.1.

Changes

  • New function: in_private_net(ip_address) : Boolean

0.6.0

7 years ago

Changes

  • Now excluding IPv4 addresses in private networks as defined in RFC 1918 from lookups.

Tested with and built for Graylog v2.1.1.

0.5.0

7 years ago

First running and installable version. Tested with and built for Graylog v2.1.1.

0.3.0

7 years ago

0.2.0

7 years ago