Getting Starting with Pipelines

Hello Everyone,

I am new to graylog so I apologize in advance for any incorrect use of terms and mistakes I make.

I am trying to alter the timestamp in a stream and from what I have read pipelines are the best way to accomplish this.

I have created a test pipeline with a connection stream and a single stage.

Here is the rule source:
rule “time update”
let new_date = “2019-01-11T20:49:46.805Z”;
set_field(“timestamp”, new_date);

From what I understand, this should change all the timestamps from the stream to 2019-01-11T20:49:46 but this is not happening.

Observing the "manage pipeline’ screen shows no throughput for the stage or rule.

Any guidance would be much appreciated, even a link to some useful documentation.

I have already read the graylog documentation ( but if I missed something please point it out.


what is your processing oder? “System > Configuration” The processing pipelines should be after the message filter chain.

1 Like

|1| AWS Instance Name Lookup
|2 |GeoIP Resolver
|3| Pipeline Processor
|4| Message Filter Chain

I switched the ordered of 3 and 4 and it worked!

Thank you very much!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.