Hi Zsolt, That is only one part of it, you first need to create Grok patterns in System -> Grok patterns. You can create them by hand or import a file including the most common ones.
Regards, Edmundo > On 21 Oct 2015, at 12:57, Osztrovszky Zsolt <osztrovszk...@ahrt.hu> wrote: > > Yes. > Like this: > <image001.png> > <image002.png> > > Cheers, > Zsolt > > From: graylog2@googlegroups.com [mailto:graylog2@googlegroups.com] On Behalf > Of Jochen Schalanda > Sent: Tuesday, October 20, 2015 4:03 PM > To: Graylog Users <graylog2@googlegroups.com> > Subject: [graylog2] Re: grok pattern not working > > Hi Zsolt, > > did you add the required Grok patterns to your Graylog system? > > > Cheers, > Jochen > > On Tuesday, 20 October 2015 12:56:17 UTC+2, Zsolt Osztrovszky wrote: > Hello Guys! > I'd like to setup an extractor with Grok pattern. > This is my sample message and pattern: > 10.10.1.1 - - [13/Oct/2015:17:19:54 +0200] "GET /1111/ed98/561/this.m3u8 > HTTP/1.1" 200 388 "http://10.1.1.1/hls.php?o=1111&p=2kV&t=BASE64"; > "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, > like Gecko) Version/9.0 Safari/601.1.56" 3878 6090 ed98b > > pattern: > %{IP:remote_addr} > > If I push try, it says: Attention We were not able to run the grok > extraction. Please check your parameters. > > What am I doing wrong? > Thanks. > Cheers, > Zsolt > -- > You received this message because you are subscribed to a topic in the Google > Groups "Graylog Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/graylog2/KBn38OfLyUc/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/ab9539b3-7c11-4665-a6f4-f6c092a2b690%40googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > > FIGYELMEZTETÉS: > "Ez az e-mail bizalmas információkat tartalmaz kizárólag a címzett(ek) > számára. Amennyiben Ön nem címzettje ennek az e-mail-nek, felhívjuk figyelmét > arra, hogy az e-mail tartalmának közzététele, másolása, illetéktelenek > számára való továbbítása, megőrzése vagy bármilyen hasonló tevékenység tilos > és törvénybe ütköző." > > -- > You received this message because you are subscribed to the Google Groups > "Graylog Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to graylog2+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/graylog2/20813E38516D75429744E7A4B8B656FF02549D446D38%40PETZCMSVS01.intra.ahrt.hu. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/54996BA5-68DF-4F96-9B61-6B8DFEA621F6%40graylog.com. For more options, visit https://groups.google.com/d/optout.
