Content Packs for Graylog
Lately, I have been working with Graylog a lot so I decided to update a few items on github and update their entries on the Graylog marketplace website.
BRO content pack for Graylog
The BRO IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog tcp input to capture and index BRO logs coming from a Security Onion sensor.
Fortinet content pack for Graylog
The Fortigate UTM content pack contains extractors, a stream, a dashboard displaying the last 24 hours of activity, and a syslog tcp input.