I may have the terms off here. In the stream rules, I can select a field...Event ID for example....select the operator....match exactly for example, and then the field of what I want it to match...4688 for example.
The rule only seems to give me the one category/operator/criteria choice per rule. So in the search above....what would the rule structure look like to get the same result?

Thanks for bearing with my noob-Ness

Tp