Logs by severity level

Pamela · September 19, 2025, 2:20pm

Please help me with Graylog Sidecar and Winlogbeat. I’m filtering Windows logs by the log_level: [critial, error, warning] field, but it’s not filtering. I’ve tried without the quotes and it’s not working. How do I filter Windows logs by severity level? I’m using the latest version of Graylog 6.3.1.

Wine_Merchant · September 22, 2025, 10:30am

Hello @Pamela,

How do the log messages appear within the Graylog UI?

If the query is to be used within Graylog it should

log_level:(critial OR error OR warning)

Topic		Replies	Views
Graylog and Windows log level does not match Graylog Central (peer support)	3	2892	August 24, 2017
Log level field showing it's code. How to show log level as ,WARN, ERROR..etc Graylog Central (peer support)	4	3799	February 5, 2019
How to filter the messages with log level Graylog Central (peer support)	2	4701	July 1, 2021
Winlogbeat configuration - snippets Graylog Central (peer support) sidecar , winlogbeat	2	4154	July 16, 2018
Winlogbeat configuration - need help Graylog Central (peer support) sidecar , winlogbeat	1	399	June 19, 2020

Logs by severity level

Related topics