Because a particular request for alerting, I have come up with a use case scenario that I would like to share.
The requirement is an alert that only triggers within a specific time frame. For example: If a user logs on to a server from 9:00AM to 11:00AM alert me, after that time the alert is not necessary. I think having a time for when an alert could be triggered could add a lot of flexibility to graylog. Also is there a way to alert if a field is equal to one of a list of values? Something like: if userid = "user01 or user02 or user03 or user04" and eventid = "1234 or 4321 or 9999" -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/1e9c3eb7-dd89-4655-b94f-be054f677ef9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
