I am new to graylog and i’ve a use case as i need to compare event logs and if the source ip is same for last 2 or 3 logs, i need to alert. Is it possible to do something in graylog pipelines? i’ve set stream/rules etc. But unable to find any functions matching this case.
Any help would be appreciable