FAQ - JCSC-JE/Graylog-IR GitHub Wiki

This page will try to answer some questions regarding the system and it s operation.

Why are there no filtering / dashboards for CSV / JSON Files ?

As CSV / JSON data could be anything from a firewall logs to a custom application, it is not possible to build them. It is suggested that you ingest the data and then build the dashboards to showcase the data that you want to.

I am having trouble building the system

There is support via the Graylog forums Graylog Community Forums.

We are a CSIRT / national CSIRT and need help

Please reach out to the JCSC via the [email protected] mailbox.

We are a CSIRT / national CSIRT, can we have a copy of the virtual machine

Please reach out to the JCSC via the [email protected] mailbox.

Why are there so few dashboards at the moment?

These will be added shortly, but the dashboard creation was delayed, it was decided to release at FIRST Fukuoka 2024. These will be added in July 2024 with instructions to install the updated dashboards.

Are there detections rules?

Not at present, these will be added soon with templates for emailing alerts. It was intended to have them ready but incidents happen.