How can we pipe the interesting events that are stored in a different dedicated stream using the stream rules? Please note that the matches are removed from the default (all messages) stream.
Thanks in Advance !
I would probably utilise a pipeline rule and the route_to_stream() function for this.
https://docs.graylog.org/en/4.0/pages/pipelines/functions.html#route-to-stream
We are able to achieve the first step of successfully piping the interesting messages into the XYZ stream using the stream rules. Now, the challenge is how to write the stream rules in the SOC Stream that inputs from only the XYZ stream, not the all messages.
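An added example, not part of any post in this thread: a Graylog pipeline is connected to a specific stream and only processes messages in that stream, so a rule in a pipeline connected to XYZ can feed the SOC stream from XYZ alone. The stream titles "XYZ" and "SOC Stream" are taken from the thread as assumed titles; the pipeline and rule names and the `event_type` field with its values are hypothetical.

```graylog
// Pipeline 1: connect this pipeline to the default "All messages" stream.
// It moves interesting events into XYZ and drops them from the default stream.
pipeline "Default to XYZ"
stage 0 match either
  rule "route interesting events to XYZ";
end

rule "route interesting events to XYZ"
when
  // event_type is a hypothetical field; use whatever marks an
  // "interesting" event in your own messages
  has_field("event_type") &&
  to_string($message.event_type) == "auth_failure"
then
  // remove_from_default: true takes the message out of "All messages"
  route_to_stream(name: "XYZ", remove_from_default: true);
end

// Pipeline 2: connect this pipeline to the XYZ stream ONLY.
// Its rules never see messages that are not already in XYZ, so the
// SOC stream receives input from XYZ and not from "All messages".
pipeline "XYZ to SOC"
stage 0 match either
  rule "route XYZ events to SOC";
end

rule "route XYZ events to SOC"
when
  // further narrowing is optional; "true" would forward everything in XYZ
  has_field("event_type")
then
  // the message stays in XYZ and is additionally routed to the SOC stream
  route_to_stream(name: "SOC Stream");
end
```

The stream a pipeline reads from is set under the pipeline's connections in the Graylog UI, not inside the rule source.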