Best way to "forward" logs to another system for additional routing/alerting


(Ray) #1

The Graylog alerting mechanisms in the current release are not super flexible.

We’ve built an alert that sends messages from a stream to a HTTP callback which is running some NodeJS code for additional routing and alerting.

I was just wondering if there was a better way.

I looked at the Graylog Outputs, but there doesn’t appear to be a HTTP output or GELF HTTP output available in either core or the marketplace.

Is anyone else doing this and have a slicker approach that I’m not thinking of?

Cheers,
-Ray


(Jochen) #2

You can always write your own plugins for these.


(Ray) #3

Right. But unfortunately my Java skills are nonexistent.

Would it be worth putting in a feature request for an HTTP Stream Output or maybe a HTTP GELF Output to be added to Core? I think that could be beneficial for a ton of people. It sort of already exists at the alert notification level and I’m using it there, just not at the Streams level.


(Jochen) #4

Please contact our sales team via https://www.graylog.org/contact-sales or sales@graylog.com to discuss the possibility to sponsor a feature for one of the next Graylog versions.


(Ray) #5

I’ll see what I can do with that internally. We’re government so that could be a little tricky. I may put a feature request in on github in the meantime as a placeholder. Thanks for all your help mate.


(system) #6

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.