Hi, You should use streams, with one rule filtering all logs from the windows server only, and the second rule defining the timestamp range that the log should have, with regexes. I will post an example tomorrow if you still need it.
Cheers. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2212ce21-52cb-499e-87d7-2fe61ce38763%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.