I’m trying to sort out the special characters from my canary and it’s giving me trouble with all the quotes on a single line, how do I watch for the needed text within quotes? The ports we want to alert on: “dst_port”: “22” “dst_port”: “23” “dst_port”: “5060” “dst_port”: “5061” Escaping all th…

How to alert correctly with quotes from the endpoint log?

gsmith (GSmith) February 2, 2022, 11:24pm 3

Perhaps this post will help.

Topic		Replies	Views
HTTP Callback JSON Graylog Central (peer support)	3	974	February 13, 2020
Alert email format Graylog Central (peer support)	12	2532	September 18, 2020
Date formatting in Alert, always Zulu / GMT Graylog Central (peer support)	2	427	January 5, 2021
Brackets not escaped in alert emails Graylog Central (peer support) pipeline-rules , html , alert	17	660	June 24, 2022
Double quotes within double quotes in search query Graylog Central (peer support)	4	4475	January 27, 2019