1. Describe your incident:
Looking for best practice in regard to getting started with Graylog. Is there a process flow of what I should be doing? I am getting confused after I have my input set up, and I am getting confused reading the online docs.
I have my input set up and logs are coming in. So far I have set up an index, a pipeline, a stream and some rules, but I'm not sure I understand how they all work together. I watched a few YouTube videos that stated to use pipelines and not to use extractors.
Is there a simple tutorial I can use to understand the data flow and what I need to set up?
At a high level, I'm just looking to see my blocked traffic. Thanks.
2. Describe your environment:
- OS Information: Ubuntu 24
- Package Version: 6.2
- Service logs, configurations, and environment variables: n/a
3. What steps have you already taken to try and solve the problem?
I have watched and read everything under the sun to try to understand how it all works. I think I’m getting lost in the detail.
4. How can the community help?
Any direction, pointers or best practice would be great!