Doing a dashboard search

wilsonshow · November 16, 2023, 3:39am

I’m relatively new to Graylog and would appreciate guidance on performing a targeted search within a dashboard. Specifically, I’m interested in filtering messages based on the following criteria:

Source: Messages originating from ‘Blackbox’
Message content: Anything relevant to ‘blackbox Hostd’

Additionally, I’ve successfully set up a pipeline rule to prevent logs related to certain strings from entering the system.

Could someone guide me on creating a search query or filter within Graylog to isolate messages originating from ‘Blackbox’ and containing ‘blackbox Hostd’ in the message content?"

patrickmann · November 16, 2023, 8:05am

Query syntax is based on the underlying engine: Elastic or OpenSearch

Here are some examples for ES that might be helpful:

OS also supports a SQL-style query syntax:

https://go2docs.graylog.org/5-0/making_sense_of_your_log_data/writing_search_queries.html?tocpath=Searching%20Your%20Log%20Data|_____1

system · November 30, 2023, 8:06am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Help with search syntax Graylog Central (peer support)	3	2766	December 10, 2018
Graylog search problem Graylog Central (peer support)	7	3244	November 2, 2017
Run Elasticsearch Query in Graylog Search Graylog Central (peer support)	2	2757	June 15, 2017
Query not producing results Graylog Central (peer support)	5	567	March 15, 2018
Graylog search query Graylog Central (peer support)	10	2464	February 8, 2019

Doing a dashboard search

Related topics