/graylog-stealthwatch

Here you can find graylog extractor and sample dashboard what you can use in your Stealthwatch configuration.

GNU General Public License v3.0GPL-3.0

graylog-stealthwatch

Here you can find graylog extractor and sample dashboard what you can use in your Stealthwatch configuration.

EXTRACTOR_STW.json is used to parse incoming syslog message. Graylog-stealthwatch_dashboard.json is simple dashboard example. You need to edit query DOMAIN:PUT-YOUR-OWN-DOMAIN-HERE to DOMAIN:acme.local if acme.local is your domain.