What does “Select stream categories the search should include” mean, and how do I define new streams?

1. Describe your incident:
I’m exploring the Search UI in Graylog and I’m unclear about the dropdown labeled “Select stream categories the search should include.” I’d like to understand what it does and how to create or manage those “stream categories.”

2. Describe your environment:

  • OS Information: Ubuntu 20.04
  • Package Version: Graylog 6.3.1
  • Service logs, configurations, and environment variables: N/A

3. What steps have you already taken to try and solve the problem?
I looked at the Graylog documentation on Streams – it defines streams as real-time filters for routing messages into categories, which sounds related.

I understand that streams can be created under Streams → Create stream, with rules to route logs.

Inside the Search UI, the dropdown lists my streams, but I’m unsure what selecting them actually does internally to the search query.

4. How can the community help?

Can someone explain what exactly “Select stream categories” filters on?

How does choosing one or more streams in the search dropdown affect results?

How is this conceptually different from running saved search queries?

What’s the best practice for creating and using streams — should they always feed a dedicated index set, or can multiple streams share one?

Stream categories are currently only relevant to the security product’s Sigma rules. Categories are pre-defined and assigned as part of a Sigma rule definition. You cannot create any additional categories.

Using categories is pretty self-explanatory: only logs from the selected categories of stream will be shown.