I'm on 0.21 and I see CSV export, but not the raw plain text. I think effectively what is needed is a way to export the "original" messages with no additions. From what I can tell that means the "message" part with everything else gone. In my case this would be so I can let elastic/mongo/GL2 archive my auditd records, but the investigator could easily produce a file, or set of files the linux audit tools can parse. This can be accomplished with Excel or other text manipulation tools, but I thought the point was to reduce the amount of work. And exporting the original content in it's original format seems like an obvious capability.
On Thursday, May 16, 2013 8:35:44 AM UTC-7, lennart wrote: > > Yes, scheduled for 0.20.0 > > Thanks, > Lennart > > On Thu, May 16, 2013 at 4:54 PM, Isaac Freeman <[email protected] > <javascript:>> wrote: > > Is there any update on this? Being able to export logs would be pretty > > important to me but it looks like there hasn't been any traction on > this. > > And yes, I could right scripts to query ES and dump them myself, but > some of > > my users who need to check logs don't need to have ssh access to the > graylog > > server or shouldn't have to run scripts from the command line... seems > like > > it would be a fairly simple thing to have a basic text export feature... > > > > On Tuesday, January 31, 2012 2:44:17 PM UTC-5, Pierce Wetter wrote: > >> > >> > >> > >> Should be possible to use the ElasticSearch API to get the data back > >> into any format you like? > > > > -- > > You received this message because you are subscribed to the Google > Groups > > "graylog2" group. > > To unsubscribe from this group and stop receiving emails from it, send > an > > email to [email protected] <javascript:>. > > For more options, visit https://groups.google.com/groups/opt_out. > > > > > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
