ST Alpha - "I spent my whole morning trying to get Graylog up and running and talking to our Wazuh server I'm experimenting with with our interns who" (Reading a Post)

SlickerTalk
Search Archives
The Leaderboard
The FAQ

Down to Post

Backboards:

Posts: 152

In response to "Its like the entire IT Dept is trying to do Prod IT work during the day with users on. Just asking for trouble -- nm*" by budice

I spent my whole morning trying to get Graylog up and running and talking to our Wazuh server I'm experimenting with with our interns who

Posted by oblique (aka kkuphal) Jul 24 '23, 09:56

are both pursuing cybersecurity degrees

- Won't talk to Wazuh's elasticsearch instance over http (oh, right, I used self signed certs)
- Added CA cert to Graylog's container. Can't verify hostname
- Found random github issue for different version of Graylog stating it will only use certs with SAN names (WTF?) https://github.com/Graylog2/graylog2-server/issues/12897#issuecomment-1168485954
- Modified wazuh certificate generation script to include SAN after figuring out how to get openssl to issue it

SUCCESS!

sigh

Responses:

I've considered graylog for ST's logs. Haven't tried it out recently. -- nm - Beryllium Jul 24, 10:00

Post a message top

I spent my whole morning trying to get Graylog up and running and talking to our Wazuh server I'm experimenting with with our interns who

Replies are disabled on threads older than 7 days.