Fetch asset details in a particular graylog stream

How to fetch asset details in a particular graylog stream?

Not much to go on with that question.

Sounds like you have a message coming into a stream and you want to know how to break it into fields with either extractors or in the pipeline (they both do pretty much the same thing).

Could you explain a little bit further on what you have, what you are looking for… include an example message and extractor/pipeline information?

There is a bunch more side information that you can post that is relevant… use this post as a guide… there is also this post that includes some commands for extracting environmental information…


We need to get a report of, say, the assets associated with a particular stream. For example, if 100 assets are onboarded to a stream ‘X’, we need to collect this data either from the Graylog front-end or from the backend (via Graylog, Elasticsearch, MongoDB).

Ah. There may be some reports in the Enterprise version that would help. Graylog Enterprise is free if you can keep your data below 2GB daily. You could pull them from Elasticsearch, perhaps through an API call. You would likely need to deduplicate the results though. In short, the data you are looking for would be stored in Elasticsearch; the MongoDB is only for Graylog data/settings which affect the message between receiving and storage in Elasticsearch.

Thanks for the feedback, we are using the Enterprise version. Any idea which API should be used to get the details?

I am not sure - you can poke around and see what gives you the information you need:


@maprakash when you say “assets” are you referring to log sources? Like what appears in the “source” field of the message? Even if you’re referring to a different field labeled “asset,” you just need to make an aggregation when searching in that Stream to list out the number of distinct log sources/assets. There should be no need to interface directly with any API to get a count of logging assets, or a count of distinct values for any field for that matter.

See our docs for info on how to create aggregations in search widgets.
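
Added example, not part of the thread and not Graylog's own code: the distinct-value aggregation discussed in the replies above, issued against Elasticsearch as a composite aggregation so that results beyond one page are still collected and deduplicated. It assumes messages carry their stream ID in the `streams` field and the sender in `source`; the `search` callable, `fake_search`, the stream ID `X` and the sample documents are constructed for illustration.

```python
# Added example: distinct log sources ("assets") in one Graylog stream.
# Assumption: `search` is any callable that sends a query body to the
# Graylog indices in Elasticsearch and returns the parsed JSON response.

def build_query(stream_id, field="source", after=None, page_size=500):
    """Composite aggregation body: one bucket per distinct field value."""
    comp = {"size": page_size,
            "sources": [{"asset": {"terms": {"field": field}}}]}
    if after is not None:
        comp["after"] = after  # resume after the last key of the previous page
    return {"size": 0,  # no hits wanted, only the aggregation
            "query": {"bool": {"filter": [{"term": {"streams": stream_id}}]}},
            "aggs": {"assets": {"composite": comp}}}

def distinct_assets(search, stream_id, field="source", page_size=500):
    """Page through all buckets; return {asset: message_count}."""
    counts, after = {}, None
    while True:
        agg = search(build_query(stream_id, field, after, page_size))
        agg = agg["aggregations"]["assets"]
        for b in agg["buckets"]:
            key = b["key"]["asset"]
            counts[key] = counts.get(key, 0) + b["doc_count"]
        after = agg.get("after_key")
        if not agg["buckets"] or after is None:
            return counts

# Constructed sample data and an in-memory stand-in for Elasticsearch.
SAMPLE_DOCS = [
    {"source": "fw01", "streams": ["X"]},
    {"source": "fw01", "streams": ["X"]},
    {"source": "web01", "streams": ["X"]},
    {"source": "db01", "streams": ["X", "Y"]},
    {"source": "mail01", "streams": ["Y"]},
]

def fake_search(body):
    stream = body["query"]["bool"]["filter"][0]["term"]["streams"]
    comp = body["aggs"]["assets"]["composite"]
    field = comp["sources"][0]["asset"]["terms"]["field"]
    tally = {}
    for d in SAMPLE_DOCS:
        if stream in d["streams"]:
            tally[d[field]] = tally.get(d[field], 0) + 1
    after = comp.get("after", {}).get("asset")
    keys = [k for k in sorted(tally) if after is None or k > after]
    keys = keys[:comp["size"]]
    out = {"buckets": [{"key": {"asset": k}, "doc_count": tally[k]} for k in keys]}
    if keys:
        out["after_key"] = {"asset": keys[-1]}
    return {"aggregations": {"assets": out}}
```

Comparing the returned keys with the list of onboarded assets shows which sources have sent nothing to the stream in the searched indices.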
