Group Data Table messages using a field Graylog

javrom95 · February 2, 2022, 11:23am

Graylog version: 3.3.15
OS Version: Linux 5.11.0 on AWS VM

Hi everybody,

I have a Data Table connected to a stream where I receive the connections to the services. A field in the entering messages has a URL with the format domain.com / service /client_id, and I visualized them alongside other insights, resulting in something like:

domain/service1/client1
domain/service1/client2
domain/service1/client3
domain/service1/client4

The problem comes when I try to group them in a single field related to the service, like:

domain/service1/Insight1 Insight2
domain/service2/Insight1 Insight2

Is there a way to achieve this? I have been searching for ages on my own and nothing has helped me out so far, I really appreciate any ideas you might have on this.

Thanks!

gsmith · February 2, 2022, 10:50pm

Hello && Welcome.

I might be able to help.
Within each message does it contain all of these at once?

If not, you could create a field/s called "client’ then group those fields through a pipeline.

Could you explain in greater detail what your trying to achieve?

system · February 16, 2022, 10:51pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Issue with a Log with grouped messages Graylog Central (peer support)	2	173	August 2, 2022
Using CSV lookup table to create more fields in message stream? Graylog Central (peer support) pipeline-rules	6	617	November 27, 2023
Pipeline - Tab Split Graylog Central (peer support)	11	6907	February 8, 2018
Parsing extractors Graylog Central (peer support) pipeline-rules	2	88	June 19, 2024
Event definitions Graylog Central (peer support)	6	436	March 6, 2023

Group Data Table messages using a field Graylog

Related topics