Graylog outputs

Srumith · February 7, 2018, 11:03am

Hi Team

How to restrict graylog to output the messages from only one stream using graylog outputs?

Thanks
Srumith.

jochen · February 7, 2018, 11:58am

You would create an output only for the desired stream.

Srumith · February 7, 2018, 12:00pm

Did the same.
But still I find the messages related to other streams.
Is there any flag kind of thing which I need to enable/disable?

jochen · February 7, 2018, 12:03pm

Please elaborate in greater detail what exactly you mean with that.

Srumith · February 7, 2018, 12:06pm

Sure.
I have two streams Stream A and Stream B.
Configured an output called Output A with destination as Kibana for Stream A
In Kibana, I have configured elasticURL as http://<host>:9200/.
Now, when I check Kibana, I have messages related to Stream A and Stream B.
I am not expecting messages related to Stream B on Kibana.

jochen · February 7, 2018, 12:10pm

What output have you configured exactly and what’s the configuration?

Srumith · February 7, 2018, 12:14pm

Gelf Output I have configured. Following is the configuration -

connect_timeout: 1000
hostname: ##.##.##.##
max_inflight_sends: 512
port: 5601
protocol: TCP
queue_size: 512
reconnect_delay: 500
tcp_keep_alive: false
tcp_no_delay: false
tls_trust_cert_chain:
tls_verification_enabled: false

jochen · February 7, 2018, 12:45pm

That looks like a GELF output. Where exactly are you sending the messages and what is the recipient doing with them?

Srumith · February 7, 2018, 12:50pm

Sending messages to Kibana.
I actually have metrics and logs reported to graylog.
I want only metrics to get forwarded from Graylog to Kibana, so that I can visualize them.
5601 is the Kibana port I have configured for Gelf Output.
And I am connecting to Elastic directly from Kibana, giving elasticsearch url as 9200.

Or if you want us to rephrase the question - how to configure output in graylog for a particular stream and forward messages to Kibana?

jochen · February 7, 2018, 1:04pm

Kibana is a frontend for Elasticsearch, it doesn’t receive or process messages itself.
So where exactly are you sending the messages with the GELF output?
Hint: It has to be something with a GELF input.

Srumith · February 8, 2018, 5:49am

Correct.
So can I forward specific stream data from Graylog to another elasticsearch instance using Graylog Outputs?

jochen · February 8, 2018, 8:38am

You could do that if you have a receiver reading GELF messages and writing them into Elasticsearch.

You could use Logstash (with GELF input and Elasticsearch output) for that.

system · February 22, 2018, 8:39am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Outputs in graylog Graylog Central (peer support)	6	1333	February 21, 2018
Run several outputs Graylog Central (peer support)	3	435	August 6, 2018
How to filter data in manage outputs before sending to cloud graylog server Graylog Central (peer support) sidecar , winlogbeat	6	3459	July 13, 2018
Fwd copy of all messages to logstash Graylog Central (peer support)	4	518	December 29, 2021
Graylog exporter and streams Graylog Central (peer support)	4	1479	June 3, 2019

Graylog outputs

Related topics