Got my first pipeline working so figured I'd share in case anyone else had
issues making one for dropping messages
rule "drop vormetric netbackup"
when
contains(value:to_string($message.message), search:"vormetric:SOURCE")
&& contains(value:to_string($message.message), search:"bpbkar32.exe")
then
drop_message();
end
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/6748c3a6-c972-4afd-b056-ac9eb6bbc7a6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
