How to route the existing messages in All Messages to Stream using rule

aneeshanvar · September 16, 2019, 7:24am

Dear All,

I have created 2 custom streams with rule based on the field ‘environment’ to isolate the logs based on the environment(Development, Production) in which application is running.

How do route the current message already existing in All Messages based on the rule I configured for each stream. Seems like only the new message after rule is configured is being routed to individual stream and existing message still reside in ‘All Messages’ only.

macko003 · September 16, 2019, 11:24am

Hi

Not possible

Graylog process the messages at arrivals, so your stream rules will be applied for the future messages.

//In elasticsearch you can modify the messages, so you can route it, but it isn’t a supported way.

system · September 30, 2019, 11:24am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Routing Graylog Events into Another stream Graylog Central (peer support) pipeline-rules , route-to-streampl	3	570	November 19, 2020
Rules for routing messages to different indexes Graylog Central (peer support) route-to-streampl	9	142	March 22, 2024
Routing Messages Across Streams and Index Sets Graylog Central (peer support) pipeline-rules , route-to-streampl	2	1660	February 8, 2018
Stream Rules for Routing vs. Routing via Pipeline (Rule) Graylog Central (peer support) pipeline-rules , route-to-streampl	2	1350	October 3, 2019
Hitting multiple streams Graylog Central (peer support) pipeline-rules , route-to-streampl	3	1489	June 21, 2017

How to route the existing messages in All Messages to Stream using rule

Related Topics