Data Deduplication

The company I work for has been going back and forth between using an ELK stack or Graylog for managing the logs for roughly 400+ devices. The big factor in favor of an ELK stack is data deduplication. I was wondering if there was a way to also do this with Graylog. As far as I can tell currently, ELK does it at the Elasticsearch level, which means in theory we could also set it up with GL2. Have any of you been able to successfully set up such a system?

https://github.com/Graylog2/graylog2-server/issues/466

Do you have a link to that? (Documentation, blog post, white paper, or something similar)

Just to confirm the feature request, it is not currently a feature?

The scenario we are currently having is that there are a few software solutions which have been giving out lots of duplicate errors (over 100k in most scenarios), and we need a way of sifting through that without sending 100k alerts.

Just going off of a coworker, although I haven’t personally been able to find any data supporting it. Waiting for an email back from him.

Yes, correct. It’s an open feature request.
