Re: [graylog2] debugging pipelines is... difficult

2016-07-18 Thread Edmundo Alvarez
I added this GitHub issue so you can track the issue I mentioned in point number 2: https://github.com/Graylog2/graylog-plugin-pipeline-processor/issues/46

Cheers,
Edmundo

> On 18 Jul 2016, at 10:51, Edmundo Alvarez wrote:
>
> I spent some time debugging the issue, and I found two of them:
>

Re: [graylog2] debugging pipelines is... difficult

2016-07-18 Thread Edmundo Alvarez
I spent some time debugging the issue, and I found two of them:

1. The when expression should be wrapped in a "to_bool" function, otherwise the parser gets confused about it and replaces it with "false":

to_bool(regex("[^0-9a-zA-Z]([0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)[^0-9a-zA-Z].*[^0-9a-zA-Z]

Re: [graylog2] debugging pipelines is... difficult

2016-07-13 Thread Jason Haar
On Mon, Jul 11, 2016 at 11:28 AM, Jason Haar wrote:
> If I take the regex I wrote in this rule (as per first email), replace
> '\\' with '\', then the regex works fine via egrep. It's a simple "when, do
> this" type statement: I can't see what's gone wrong in it
> Oh - and thanks to your comment

Re: [graylog2] debugging pipelines is... difficult

2016-07-10 Thread Jason Haar
On Fri, Jul 8, 2016 at 10:32 PM, Edmundo Alvarez wrote:
>
> It's hard to tell what is wrong from here, since we can't exactly see what
> your messages look like. Could you share a couple of messages with us?
>
> Please be aware that at the moment, the "regex" function needs to match
> the whole st

Re: [graylog2] debugging pipelines is... difficult

2016-07-08 Thread Edmundo Alvarez
Hi Jason,

It's hard to tell what is wrong from here, since we can't exactly see what your messages look like. Could you share a couple of messages with us?

Please be aware that at the moment, the "regex" function needs to match the whole string: https://github.com/Graylog2/graylog-plugin-pipeli

[graylog2] debugging pipelines is... difficult

2016-07-05 Thread Jason Haar
Hi there

First I want to say how wonderful the "extractor" webpage is: it's so easy to create AND TEST extractors...

...unfortunately the new pipelines (which I want to use as they are the official future) don't have the same testing capacity.

Can someone tell me what's wrong with this rule: it s