[graylog2] Re: Email notifications using extractors
Hello, Jochen!
Thank you for answer. But I still havea problem.
I've created 2 extractors. From full message I extracted IP and Command
fields. In Dashboards I see these fields. I tried to rewrite callback.
${foreach backlog message}${message} - was by default
${foreach backlog message}${Ip} ${Command} - my version
I think it doesnt work because of my wrong syntax
вторник, 19 января 2016 г., 16:12:44 UTC+3 пользователь Jochen Schalanda
написал:
>
> Hi Stanislav,
>
> you can edit the email template for the Email Alert Callback in the
> Graylog web interface at Streams -> Manage alerts -> Edit callback. Within
> this template, you can access any message field.
>
>
> Cheers,
> Jochen
>
> On Tuesday, 19 January 2016 13:19:52 UTC+1, Stanislav An wrote:
>>
>> Hi all!
>>
>> Have a question. Is it possible to get email notifications not with full
>> log message from host, but with only specific fields, which i determined in
>> extractors?
>>
>> Or maybe you have some email designer?
>>
>> best regards,
>> Stanislav
>>
>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/d89f975c-8911-469a-a8d2-9ab32d35c006%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[graylog2] Email notifications using extractors
Hi all! Have a question. Is it possible to get email notifications not with full log message from host, but with only specific fields, which i determined in extractors? Or maybe you have some email designer? best regards, Stanislav -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/853ec1ef-530f-41cd-8fe9-89b58462f5ec%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[graylog2] Extractor doesn't work or incorrectly set
Hello, I don't know is it a bug or I just misunderstood how extractor works. Here is my problem. I have input for only GELF logs from apache server, in logs I have "duration_usec" field with numbers of ms, but since Graylog sees this as string I need to convert it to "numeric" field. I've created a new extractor for this input with type "Copy input" (here are my settings http://imgur.com/YcYtcag). However I don't see new "duration_usec_numeric" field in my logs, is it normal or did I miss something? Graylog version: 1.2.1 Thanks, Stan -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/dc7cdbc9-d91f-4322-8fbb-f580c050e288%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [graylog2] Trends presentation in dashboard
Hi Edmundo, thx for explanation, I did some research for another counter, see screenshots: http://imgur.com/a/765md the first one is counter for errors in last hour, you see 3437 messages the second one is the same stream for last 2 hours, 6636 messages, what makes 6636-3437=3199, so this mean for me the number of errors now is more than for "another" last hour, but the widget is still green (no screenshot, but you can trust me :) Best, Stan 2015-09-18 16:06 GMT+02:00 Edmundo Alvarez <edmu...@graylog.com>: > To be honest I'm not sure if it is an actual error or some misunderstanding > of how it works, as it is tricky. I will explain it here a bit more in depth, > so you can investigate further, and decide if it is working or not. > > When you add a count widget for the last 5 minutes, Graylog will do a search > in the last 5 minutes and count the number of messages. Adding a trend to > that widget means that Graylog will do two searches: one in the last 5 > minutes for the actual number you want to see, and another one in the > previous 5 minutes that is, since 10 minutes ago to 5 minutes ago, and > compare the results to show the trend information. > > So, in summary, to see if it is working as expected, you could do a search in > the last 10 minutes, subtract the count for the last 5 minutes, and see if > the previous count was higher or lower. Please let us know the results, so we > know if there is a problem with it. > > Cheers, > > Edmundo > >> On 18 Sep 2015, at 15:39, Stanislav Kopp <stask...@gmail.com> wrote: >> >> Hi Edmundo, >> >> thx, I will try upgrade graylog to 1.2 next week (I wanted to wait >> till 1.2.1 honestly), here some screenshot of my dasboard >> http://imgur.com/a/l0t02, the widget shows count of specific errors >> every 5 minutes (so less is better). here is "4", 5 minutes before it >> was "1", so if I understood correctly the arrow should be red >> (pointing up). >> >> Best, >> Stan >> >> 2015-09-18 14:21 GMT+02:00 Edmundo Alvarez <edmu...@graylog.com>: >>> Hi Stanislav, >>> >>> The "lower is better" option changes the used colour for arrows indicating >>> the trend. With that option enabled, arrows pointing down will be in green, >>> and arrows pointing up in red. I am not aware of any issues with that >>> feature, at least seems to be working in 1.2.0. Could you please upgrade to >>> 1.2.0 and see if the problem disappears? >>> >>> In other case, please attach an screenshot of the problem, and the >>> configuration of the widget (you get it by clicking on the info button on >>> the bottom-right corner of the widget). >>> >>> Regards, >>> >>> Edmundo >>> >>>> On 17 Sep 2015, at 18:18, Stanislav Kopp <stask...@gmail.com> wrote: >>>> >>>> Hi all, >>>> >>>> I have a question about trends in dashboard, I've activated trend for >>>> simple logs counter with option "Lower is better", but no matter if number >>>> of logs is lower or higher, it always remains "green". Did I misunderstood >>>> this feature or it is something wrong with my setup? >>>> >>>> I'm using Graylog 1.1.4 >>>> >>>> Thanks, >>>> Stan >>>> >>>> -- >>>> You received this message because you are subscribed to the Google Groups >>>> "Graylog Users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send an >>>> email to graylog2+unsubscr...@googlegroups.com. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/graylog2/c186a534-3577-4455-9a5c-5c4876a75fb0%40googlegroups.com. >>>> For more options, visit https://groups.google.com/d/optout. >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Graylog Users" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/graylog2/rgagiaf8MgM/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> graylog2+unsubscr...@googlegroups.com. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/graylog2/3FF40F9E-94B6-4586-9C93-3CA575A83222%40graylog.com. >>> For more options, visit https://groups.google.com/d/optout. >> >> -- >> You received this message because you are subscribed to the Go
Re: [graylog2] Trends presentation in dashboard
Hi Edmundo, thx, I will try upgrade graylog to 1.2 next week (I wanted to wait till 1.2.1 honestly), here some screenshot of my dasboard http://imgur.com/a/l0t02, the widget shows count of specific errors every 5 minutes (so less is better). here is "4", 5 minutes before it was "1", so if I understood correctly the arrow should be red (pointing up). Best, Stan 2015-09-18 14:21 GMT+02:00 Edmundo Alvarez <edmu...@graylog.com>: > Hi Stanislav, > > The "lower is better" option changes the used colour for arrows indicating > the trend. With that option enabled, arrows pointing down will be in green, > and arrows pointing up in red. I am not aware of any issues with that > feature, at least seems to be working in 1.2.0. Could you please upgrade to > 1.2.0 and see if the problem disappears? > > In other case, please attach an screenshot of the problem, and the > configuration of the widget (you get it by clicking on the info button on the > bottom-right corner of the widget). > > Regards, > > Edmundo > >> On 17 Sep 2015, at 18:18, Stanislav Kopp <stask...@gmail.com> wrote: >> >> Hi all, >> >> I have a question about trends in dashboard, I've activated trend for simple >> logs counter with option "Lower is better", but no matter if number of logs >> is lower or higher, it always remains "green". Did I misunderstood this >> feature or it is something wrong with my setup? >> >> I'm using Graylog 1.1.4 >> >> Thanks, >> Stan >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Graylog Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to graylog2+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/c186a534-3577-4455-9a5c-5c4876a75fb0%40googlegroups.com. >> For more options, visit https://groups.google.com/d/optout. > > -- > You received this message because you are subscribed to a topic in the Google > Groups "Graylog Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/graylog2/rgagiaf8MgM/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/3FF40F9E-94B6-4586-9C93-3CA575A83222%40graylog.com. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/CAFddgf3detsBhXPFuSKsd0GODRDsZx3BnzsVG-0ya0kMVJ7%2Bdg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
