Best way to "forward" logs to another system for additional routing/alerting

The Graylog alerting mechanisms in the current release are not super flexible.

We’ve built an alert that sends messages from a stream to an HTTP callback which is running some NodeJS code for additional routing and alerting.

I was just wondering if there was a better way.

I looked at the Graylog Outputs, but there doesn’t appear to be an HTTP output or GELF HTTP output available in either core or the marketplace.

Is anyone else doing this, and does anyone have a slicker approach that I’m not thinking of?

Cheers,
-Ray

You can always write your own plugins for these.

Right. But unfortunately my Java skills are nonexistent.

Would it be worth putting in a feature request for an HTTP Stream Output or maybe an HTTP GELF Output to be added to Core? I think that could be beneficial for a ton of people. It sort of already exists at the alert notification level and I’m using it there, just not at the Streams level.

Please contact our sales team via https://www.graylog.org/contact-sales or sales@graylog.com to discuss the possibility of sponsoring a feature for one of the next Graylog versions.


I’ll see what I can do with that internally. We’re government, so that could be a little tricky. I may put a feature request in on GitHub in the meantime as a placeholder. Thanks for all your help, mate.
