Is there a way to pull only the logs from a specific index. Say for example. Search or view messages that are only in the “Graylog_1234” Index?
just select the index is not possible. You can search inside a stream (that might contain the data of that index) and if you look up the range of that index you can choose the time.
If you feel the need and describe a use case for that, please feel free to create a feature issue.
you can try this in the search box:
_index:graylog_1234
2 Likes
I can’t say it’s a common use case worthy of a new feature. Just ran into a need where it would be a nice to have but also possible to work around. jtkarvo. I did try what you recommended but no luck. Does this work in your implementation?
yes it does. Perhaps it is ES version specific.
@jtkarvo 's method works, we use it all the time.
Make sure your selected time range is in the same time range as the index.
Ahh. yes… That was the part I was missing. Doh! Awesome though. Thanks for the input.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.