I see in this post that it is configurable to change the default search time range. However, I was looking for a way to change the default streams the search is going to be performed on. This is very common for our teams to open up Graylog when an incident has happened, and without setting the streams field to search only between production logs, they start looking for clues.

Since we have other streams for staging or development environments, they may have errors that are not present in the production, and this way we are fooled lots of times by searching in all streams.

This may have happened because we misuse streams or the entire Graylog, but if we could set default search streams we would be much happier. Is it currently possible?

@alitou
Were useing Graylog 4.0.5 and what we did was create a “Saved Search” or a Dashboard for situations like that.

Depending on what version you have you can do this with streams.

image770×255 15.5 KB

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.