I did something similar as a proof of concept but it was far from elegant. In short:
1. Use nxlog to listen to a file and configure a rule that uses the date of the log message and not the current date (which it would do if we don't create this rule) 2. Use something that reads your log file(s) one line at a time and appends each line to the file being monitored by nxlog *in some cases the date time format is not directly parseable by nxlog and a script is required to parse on the correct format. https://nxlog.org/node/295#idp9098336 Sorry this is so convoluted. This is a feature that has been requested so it is possible we may see a native way to do this in the future. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to graylog2+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/e956ec6d-3f94-40be-a3c8-147ea7502ed2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
