Extractor before adding to Elasticsearch?

I’m doing a paper-evaluation of Graylog for project usage. We need to load Elasticsearch with a subset of fields from each message. I can’t tell from the Extractor documentation if Extractors only work with messages already loaded in Elasticsearch or if I can use them to extract desired fields from each message, then send those desired fields to Elasticsearch.
