Hi, that's currently not possible with Graylog, but feel free to create a feature request with your use cases at https://github.com/Graylog2/graylog2-server/issues/new.
Cheers, Jochen On Wednesday, 27 July 2016 21:41:07 UTC+2, GambitK wrote: > > Because a particular request for alerting, I have come up with a use case > scenario that I would like to share. > > The requirement is an alert that only triggers within a specific time > frame. For example: If a user logs on to a server from 9:00AM to 11:00AM > alert me, after that time the alert is not necessary. > I think having a time for when an alert could be triggered could add a lot > of flexibility to graylog. > > Also is there a way to alert if a field is equal to one of a list of > values? Something like: > if userid = "user01 or user02 or user03 or user04" and eventid = "1234 or > 4321 or 9999" > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/16715597-1c16-4511-bf7f-6228db1554e1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
