Hi, Background:
I want to get an alert email when one of our log collectors can't write log data to Graylog anymore. For this I configured the log collectors (NXLog) to write "-- MARK --" to Graylog every 5 minutes. After adding the permission *searches:relative *to the user I can execute the following curl command to see if the log collector can write to Graylog: $ curl -s -L \ --user "<username>:<password>" \ "http://<graylog node ip>:12900/search/universal/relative?query=message%3A%22--%20MARK%20--%22%20AND%20source%3A%20<SOURCE/LOG_COLLECTOR>&range=300" \ | grep -oh "total_results\":[[:digit:]]\+" \ | cut -f 2 -d ':' 1 If the result is 0 the log collector couldn't write the "-- MARK --" message and an alert email should be sent. Problem: I don't like to use username/password for authentication. Instead I want to use the API access token I generated for this user. What is parameter/header I have to set? Thanks, Clifford -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/7684c215-067f-4035-be01-b4601bfb5d9c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
