I would like to ask you if it is possible to set up notifications for two kinda specific things. One is to recieve email when graylog stops recieving logs from device/devices and the second if it is possble to get something daily report on how many errors was recieved from each device connected to graylog ? Sorry I am rather new to graylog to be honest I am happy that I was even capable to make it work and connected all the devices I required to connect to it. Setting up theese notification is just way out of my league.
Your probably looking for something that sends a heartbeat from your log shipper. Perhaps something like this.
I have widget on a dashboard that show is the source count and if it goes up/down but I haven’t configured something to notify me when it does.
If you looking for report you may want to look into the Enterprise version of Graylog OR
this also could be possible through the Event definition /w Aggregation. You would need to adjust the time for 24 hours and make sure you have the correct fields for “errors” -n- “source”. This would depend on the INPUT , type of logs and what kind of log shipper you are using.