I would recommend using processing pipeline rules to remove messages: http://docs.graylog.org/en/2.2/pages/pipelines.html
Support for Drools will be deprecated sooner or later in favor of the processing pipeline.
I would recommend using processing pipeline rules to remove messages: http://docs.graylog.org/en/2.2/pages/pipelines.html
Support for Drools will be deprecated sooner or later in favor of the processing pipeline.