[graylog2] Please remove other solution item from marketplace

I previously shared some extractors on the marketplace and I added additional content like a dashboard, streams etc. I then created a new repo on github for a content pack. Can someone remove the listing in the "Other Solutions" section? I have already created a new entry under the "Content

[graylog2] Re: Alert Configuration - Callback per message (no grace period)

Im also interested in this. I have a stream setup for any log message containing an error, and would like to get an email for every such message. But it seems like if multiple messages come in close together I only get one email. On Monday, May 11, 2015 at 2:52:08 PM UTC-4, Zi Dvbelju wrote:

[graylog2] Web interface connecting issue

Due to space constraints, I built a new graylog server from scratch instead of using the OVA At first glance it worked but had some issues logging into the web interface (Post error) so back to the drawing board, Between the online docs and comparing the conf file on the appliance I felt I

[graylog2] Re: Set a new field name knowing just a value

Hi Brandon On Friday, 16 December 2016 17:32:36 UTC+1, BKeep wrote: > > Never mind I'm dumb. > This works just fine. The double quotes " were the problem. > For clarification: the double quotes are only required for the regular expression functions because they return an array indexed by

[graylog2] Re: Set a new field name knowing just a value

Never mind I'm dumb. This works just fine. The double quotes " were the problem. set_field("ts", m[0]); set_field("uid", m[1]); set_field("id_orig_h", m[2]); set_field("id_orig_p", m[3]); set_field("id_resp_h", m[4]); set_field("id_resp_p", m[5]); On Friday, December 16, 2016 at

[graylog2] Set a new field name knowing just a value

I am using pipeline processing to manipulate some log messages and recently upgraded to the 2.2.0.beta.2 release because of some grok issues. In this release, there is a new split function(awesome) but I am stumped about how I can take my message and convert it into fields. The log that comes

Re: [graylog2] Graylog2 , filebeat multiline pattern

Hi, you can stop the sidecar at any time and execute filebeat directly for debugging. The last configuration is still in the /generated directory and can be used with filebeat -c .../generated/filebeat.yml Cheers, Marius On 16 December 2016 at 15:35, mytempledarkstar

[graylog2] Graylog2 , filebeat multiline pattern

Hello. I am new in graylog2 configuration. I have to pass to filebeat multiline pattern but i have no idea that this pattern works correctly. Could You tell me how to debug filebeat against multiline pattern ? The collector-sidecar manages filebeat so can't run it with parameters :