Hi
Is it possible to have 3 indexes elasticsearch (3 perfixe name) for 3 Graylog input (3 different data sets) So I have:
3 Csv datasets:
1 - logs
2 - words
3 - queries
I do a processing of these 3 datasets with 3 different graylog input (amqp gelf).
I would like to know if it is possible to store since Graylog the result of each process in 3 indexes elasticsearch having a different name? eg: using prefixes
Best regards
Yes, that’s possible with index sets:
http://docs.graylog.org/en/2.4/pages/configuration/index_model.html
It’s good newz for me Jochen, thx U
Can I export this configuration to a content pack? to redeploy the set automatically
No, that’s not possible.
Really pity 
sniff !!!
is it possible to push this configuration with the graylog API?
thx U
Yes, you can create index sets, inputs, streams, stream rules, processing pipelines, and pipeline rules via the Graylog REST API.
Hmmm!!! that good 
thx u
At what time or in which interface can I configure my graylog input to write in this or that index (prefixed) elasticsearch?
Hi @Jochen you need:
1 - create an “index set”
2 - create a stream with a rule to redirect to the “Index-set” that I just created.
That’s right???
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.