how to change log level into string severity level like info, low, medium,critical?
Sounds like work for pipeline.
Please show actual input and expected output
yeah but i don’t now, how to write pipeline for convert
If it’s standard syslog level, create simple pipeline rule:
rule "convert level to severity" when has_field("level") then set_field("severity",syslog_level($message.level)); end
After that, create new pipeline and attach new rule to stage.
And the best way is to read great graylog manual:
thank you very much it’s working
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.