Or if you have multiple message like this: Actionnum 0 Content_Length 1436 Content_Type application/x-compress Destination_IP 104.96.91.41 facility local4 level 4 message 1467954342 1 10.244.130.157 104.96.91.41 application/x-compress 10.244.130.157 http://update.nai.com/Products/CommonUpdater/Current/BOCVSE__1000/DAT/0000/PkgCatalog.z 1436 BYF ALLOWED CLEAN 2 1 0 0 0 (-) 0 Computing/Technology 0 - 0 update.nai.com Computing/Technology [n600456] update.nai.com - - 0 source FW Source_IP 10.244.130.157 timestamp 2016-07-08T05:33:22.441Z Url http://update.nai.com/Products/CommonUpdater/Current/BOCVSE__1000/DAT/0000/PkgCatalog.z Url_Cat Computing/Technology User [n600456]
I would like to see a Graph of the Top 10 User with the most (Total Content_Length) To see the Top 10 Users which creates the most traffic. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/cb59fea3-f680-4dad-b5b5-2b3daa0588d5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
