Tracking our API usage with Graylog

I’m in the process of setting up Graylog and centralizing our logging across all our servers. One of the logs has rows recording every API call of our software product: user ID, timestamp, what method was called, etc. I would have to generate a report of how many API calls each user made per month. I saw another forum post saying that Graylog does not support reporting, but can somebody point me towards a solution which would work with Graylog/Elasticsearch?

You could write a script that uses the Graylog API to search and/or sort the data.

Can you propose a simple example query for a case like this and say which one of the numerous search endpoints would be good for this?

For example, query all from one specific source in the last 5 minutes, getting the fields message, source and timestamp:

https://graylog.local.lan/api/search/universal/relative/export?query=source%3Agraypi.lan&range=300&fields=message%2C%20source%2C%20timestamp
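Added example (not part of the original thread and not Graylog's own code): a Python script along the lines suggested above, which builds the export URL shown in the last reply and turns CSV output with a `timestamp` column into per-user, per-month call counts. The `user_id` field name and the sample rows are assumptions constructed for illustration; fetching the URL with your own credentials is left out so the script runs offline.

```python
import csv
import io
from collections import Counter
from urllib.parse import quote, urlencode

# Endpoint taken from the reply above; the host is the poster's own.
BASE = "https://graylog.local.lan/api/search/universal/relative/export"


def export_url(query, range_seconds, fields):
    """Build the export URL with the same three parameters used in the thread."""
    params = {"query": query, "range": range_seconds, "fields": ",".join(fields)}
    return BASE + "?" + urlencode(params, quote_via=quote)


def calls_per_user_month(csv_text, user_field="user_id"):
    """Count rows per (YYYY-MM, user). user_field is a hypothetical field name."""
    counts = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        user = (row.get(user_field) or "").strip()
        ts = (row.get("timestamp") or "").strip()
        if not user or len(ts) < 7:
            continue  # skip rows without a user or a usable ISO timestamp
        counts[(ts[:7], user)] += 1  # first 7 chars of ISO 8601 are YYYY-MM
    return counts


# Constructed sample of exported rows (not real data).
SAMPLE = """\
"timestamp","user_id","message"
"2019-03-01T08:15:02.120Z","alice","GET /v1/orders, page 1"
"2019-03-15T09:01:44.003Z","alice","POST /v1/orders"
"2019-03-20T17:30:10.551Z","bob","GET /v1/orders"
"2019-04-02T11:12:13.000Z","alice","GET /v1/users"
"2019-04-03T11:12:13.000Z","","GET /v1/health"
"""

if __name__ == "__main__":
    # 31 days expressed in seconds, as the relative endpoint's range parameter.
    print(export_url("source:graypi.lan", 31 * 86400, ["timestamp", "user_id"]))
    for (month, user), n in sorted(calls_per_user_month(SAMPLE).items()):
        print(month, user, n)
```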
