Get log message size


#1

Hello,
Is there a way to print out on Graylog’s web interface the size of the log message received ?

Thank you


(Jochen) #2

That’s not possible out of the box.

You could probably use the Elasticsearch Mapper Size plugin to store the message size in Elasticsearch and query the _size field in the web interface.

Just out of curiosity, what’s the use case you’re trying to implement which requires knowing the exact message size?


#3

Thanks for the fast reply :slightly_smiling_face:

Those messages plus other heavy data are sent over “Cellular data” (4G network) and I want to have an idea about how heavy my log message can be.
I just installed the plugin you’re talking about and I can’t find the correct location to modify the _size field. Do you have an idea where or how it can be done ?

Thank you


(Jochen) #4

https://www.elastic.co/guide/en/elasticsearch/plugins/5.6/mapper-size-usage.html


(Daniel Schindler) #5

The mentioned doc I guess uses the create index api but for an existing index one has to use the put mapping api. Any idea how you would apply this to an existing index and ensure that it is enabled for all newly created index?


(Jochen) #6

You could create a custom index template: http://docs.graylog.org/en/2.4/pages/configuration/elasticsearch.html#custom-index-mappings


(system) #7

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.