Hi Graylog Masters 
I setup few machines to send logs to my Graylog Web input. However I consider how can I create kind of “flag tool” in my masterpice. Below is general concept of my input messages:
08:00 AM - Host 1: log in
08:10 AM - Host 2: log in
08:11 AM - Host 3: log in
10:00 AM - Host 1: log out
10:10 AM - Host 2: log out
11:00 AM - Host 1: log in
I’d like to have a monitor where can I see how many machines are online and offline now. In my example at 9:00 I would have 3 green (Host 1,2 and 3 are logged in), at 10:30 I would have 1 green and 1 red, and at 11:30 I would have 2 green and 1 red. That’s all.
I had an idea to store only last message for each machine. As I said previously - kind of flag. How can I managed this? Do you have any idea? Can Graylog manage such an issue?
Kind regards,
Rafal.