Problem
You used to be able to create a filter in a widget in a dashboard in early version of Graylog. Has this functionality been replaced in current Graylog V5.
I am running Graylog V5.0.3
Use Case
I want to create a dashboard that has a time range associated with it, that’s the easy part. Next I want to create an aggration which shows data which is sub filtered within the aggregation. Therefore If I change time range all other aggregations / widgets update.
You could think of it as a status dashboard (something like a vulnerability dashboard) with different services in each aggregation, giving an overall view
Anyone know if this is possible in Graylog V5?
Example
Absolute date time range with search query “system=vulnerable”
Filtered on service e.g. SSH , SMTP within aggregation showing a count of systems
Any help appreciated
Magnetron.
Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]
