Hello
I'm using the "production" OVA (not the beta) of Graylog
I noticed that when I try to export the results of a search, the message
field is truncated, see example below:
The full message is full_message
*{"1331892651000, 4776, "Success", "Security",
"Microsoft-Windows-Security-Auditin
As far as I know the source is not mandatory. You can create a proper
regex to pull in messages meeting the criteria from one of many sources.
Maybe setting up extractors and then using the exists clause from a
stream would give you what you want.
Using an extractor you can set a specific field
Hello
I'm having a problem with graylog and nxlog feed
I have a huge archive of windows event logs, I have been trying to import
these logs into graylog using nxlog and gelf
It all works well, nxlog picks up the logs and imports them but the messages
are being split in several records rather th
Hi,
Are you using the latest version of NXLog? There was a problem in an older
version
concerning Graylog/GELF.
Arie.
On Friday, 29 May 2015 20:41:52 UTC+2, Jesse Skrivseth wrote:
>
> I'm not sure why, but suddenly the extractors are working today without
> any further action on my part. Ther
Jesse,
thank you for the update. I created an issue in GitHub for this with a
link to this mailing list thread.
https://github.com/Graylog2/graylog2-server/issues/1192
I also started to test with the detailed data you submitted but did not
see any problems. I was testing on 1.1.0-rc.1 though.
N
Arie,
great to hear! Thank you for your patience, testing and the detailed
reports! :)
Regards,
Bernd
Arie [Fri, May 29, 2015 at 01:25:52PM -0700] wrote:
>Bernd,
>
>Tested on installing, removing and managing the service from the script and
>console,
>everything without problems on serve