Combine search queries, time based

I’m trying to find a way to create a query in a way that if event1 happens and then event2 happens within a minute after that I can create a dashboard and also be alerted when it occurs.

I can create a query for event1 and event2 separately, but how would I combine it?

You could combine the event search in Graylog 3.1.3 - make event1 a single event search, create a single event search for event2, and after that create an aggregation search on the event stream about that …
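The correlation the question asks for (event1 followed by event2 within one minute), as an added Python example that is not part of the original thread and is not Graylog's own implementation. The sample events, the grouping by source and the function name `correlate` are assumptions made for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample events (not from the thread): (timestamp, source, event name)
SAMPLE_EVENTS = [
    ("2019-11-05T10:00:00", "host-a", "event1"),
    ("2019-11-05T10:00:40", "host-a", "event2"),  # 40 s after event1: match
    ("2019-11-05T10:05:00", "host-b", "event1"),
    ("2019-11-05T10:06:30", "host-b", "event2"),  # 90 s after event1: too late
    ("2019-11-05T10:10:00", "host-c", "event2"),  # no preceding event1
    ("2019-11-05T10:10:20", "host-a", "event2"),  # earlier event1 already consumed
]


def correlate(events, first="event1", second="event2",
              window=timedelta(minutes=1)):
    """Return (source, first_time, second_time) for every `first` event that is
    followed by a `second` event from the same source within `window`.

    Grouping by source is an assumption; use whatever field ties the two
    events together (user, session id, host, ...).
    """
    pending = {}  # source -> timestamp of the latest unmatched `first`
    matches = []
    # Sort by time so events delivered out of order are still evaluated in sequence.
    parsed = sorted((datetime.fromisoformat(ts), src, name)
                    for ts, src, name in events)
    for ts, src, name in parsed:
        if name == first:
            pending[src] = ts
        elif name == second:
            # Consume the pending `first` so one event1 yields at most one alert.
            started = pending.pop(src, None)
            if started is not None and ts - started <= window:
                matches.append((src, started, ts))
    return matches


if __name__ == "__main__":
    for src, started, ended in correlate(SAMPLE_EVENTS):
        delay = (ended - started).total_seconds()
        print(f"ALERT {src}: event2 followed event1 after {delay:.0f}s")
```
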
