Hey guys i have a message on graylog (Graylog 3.1.3+cda805f), i used a content pack and the message now contains 3 fields: level 6 message device=“SFW” date=2020-01-02 time=18:15:34 sent_bytes=75534376 recv_bytes=2848799791 source SFW I need to create a new numeric field for the recv_bytes…

Pipeline - Create field with value from another field

tmacgbay (Tmacgbay) January 3, 2020, 5:25pm 2

(with formatting to make it easier to read…)

set_field("fw_recv_MB", to_long($message.raw_recv_bytes) / 1073741824);

1 Like

Syslog TCP input normalization

Topic		Replies	Views
New field using Pipeline Graylog Central (peer support) pipeline-rules , route-to-streampl	6	1941	August 8, 2018
Create a field which name is the value from another on Graylog Central (peer support)	4	1181	October 3, 2018
Mapping fields of a string message Graylog Central (peer support) pipeline-rules	3	55	March 17, 2025
Parsing extractors Graylog Central (peer support) pipeline-rules	2	102	June 19, 2024
Pipeline rule to extract key-value pair not working Graylog Central (peer support) pipeline-rules	20	2572	April 23, 2022