Hi all,
I retrieve datas from industrial automates. Most of these datas are booleans.
I use a GELF UDP Input to retrieve them.
I just see that if a field’s value is not changed since the “-1” input, the system send me nothing. But to have something usefull, I need to display either the sum of the last values, nor their average, but indeed the last value (either from the flow, ie the last known value)
Does somebody have an idea to do this ?
Heyo @abh,
sadly, this is not possible with Graylog (yet).
It was already discussed here:
You could open a feature request in the Github Issues, it’s a frequently needed addition, so it might be implemented soon(ish) 
Greetings,
Philipp
Hi @derPhlipsi
Does it mean that Graylog is a “pure flat” system, and that it’s impossible (using a pipeline per example) to access to an input before the current ?
Hey @abh
I don’t really get what you mean, so here’s my interpretation:
You want to access the latest value that was reported for a field, correct?
You can achieve that by querying the Graylog API, yes of course, but there is no Widget yet that does that.
You would simply do a search, get the query from the more actions button in the search bar and then use that query to get the latest indexed value of a field by setting the size of the query to 1 and the order to descending. This will return the latest dataset that matches your query
If you want to do that to enrich other messages going into Graylog, have a look at this plugin:
I hope I got your question correctly, else simply ask again
Greetings,
Philipp
An example of what I (we) want to do :
An industrial automate returns me a bit to show me if a door is opened (1) or closed (0).
When the door goes open, it send me “1” in the corresponding field. As long as the door stays open, it returns me nothing. When the door goes closed, it send me “0” in the corresponding field.
I have to show on an dashboard the state of this door (of course the latest known value from the field).
I also can have to create an alert if the door stays opened more than x seconds.
I just arrive at the office, so I’ll have a look on the plugin you shows me.
Thank you for your help 
Alain
This is hard to display with Graylog currently. I made a workaround by greating two bar graphs, one searching for closed the other searching for opened and then stacking these graphs. This will result in a chart with a blue and orange bar at each corresponding action at the given time.
But a line chart that simply switches between 0 and 1 is not implemented (yet, I’m planning on making that my first plugin for Graylog 
)
This depends on your needs: Do you need to be alerted the moment the x seconds passed or is it enough when the alert is triggered the next time a status change happens?
Greetings,
Philipp
This is not a bad news for me, but a very bad one 
I work on Graylog since 3 weeks, from scratch, for understand how it works, how to make my datas available. Now, at the last stage of my research, I can not use the data that I had trouble getting in shape.
Clearly, this seems to mean that I will have to turn to another solution while Graylog has everything to please us, starting with the ability to work in a cluster …
I sincerely thought that my need is basic and quite universal.
Thus, a system for managing people’s access to a controlled area, via badges or magnetic cards, should also be made by Graylog, indicating who is present at all times (whether in the event of a fire alarm or a standard that must be able to say if so-and-so is present or not).
Well, yes, these are basic and universal needs. And yes, I’m with you that these features should be implemented asap.
Well, this is a little bit more specific. But I have a similar usecase from my company that would employ the same functionality. This is where the open source aspect of Graylog kicks in:
If you need it, build it. (c) Me - just now.
If you are a little bit into Java development, you’ll be able to implement your solutions yourself. If not, submit a feature request in the Graylog Github Issues. Either the Graylog-Core team will see the need of your suggestion and implement it natively into Graylog or some other Graylog user gets interested into it and makes it a plugin
I’ll start doing that soon too, but I have to sort out the end of my study first
Greetings,
Philipp
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
