Hi. Could some advise me on what tactic might be utilized to detect when a specific syslog appears without a certain other one following it up within a given time period, say 60 seconds? Thank you.
you would need to write a plugin that does this for you - the vanilla graylog can’t do this.