Hello, I’m new to Graylog and I would like to know if it’s possible to create a dashboard or a stream containing different message tables with differents rules.
The source would be the same server, but what I would like to achieve is a sort of classification thanks to these message tables. For exemple, one table showing all error logs from the server “exemple.server,” another displaying all access logs from the same server, and yet another table where we can observe all logs from a specific application who is intalled in the same server aswell.
I’ve been looking at the documentation regarding streams, pipelines, and dashboards, but I’m not quite clear if this is achievable or not, and whether it would be more feasible with the dashboard or streams.
I have also been creating different message tables within the same stream and dashboard, but I can’t figure out how to make each message table show something different from the same server.
Thank you very much in advance for your assistance.
Some information:
-
OS :
Ubuntu 22.04 -
Package Version:
Graylog 5.1.10
opensearch 2
mongodb 6 -
Graylog opensource
