Hi! Guys!
My fist topic here. I had started use graylog 2 days ago, then many question appears. I want take manys messages in search and with filter take each pieces and agregate the information in only one massage, is possible ?
Hello @wfahham!
Can you please add more detail describing your goal? Please be specific about where in Graylog you are working (dashboard, report, pipeline, etc), the data/your starting point, and what you want to achieve.
Welcome!
my log file send me messages about LDAP operations, them I want to know who changed the password, to do this I want take information in more than one message and to create a dashboard with this information. my goal is to agregate information of more than one messages
if your goal is to create a single message out of multiple messages - that is not easy possible but it would be.
You ingest all messages and you extract the needed information into fields. With the events(alerts) ability of Graylog you create first specific events that are holding the right information and after that correlate on that if the information are given in the right order.
This might be a solution and is quite to complex to write you a copy&paste solution, but you could get the result with some work.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.