I'm not sure if this can be done with graylog directly but if you install Kibana somewhere and point it at your graylog elasticsearch instance you can do some pretty amazing aggregations and reports. The visualisation feature in Kibana is fantastic for this kind of thing
On Friday, 9 September 2016 03:17:15 UTC+10, Daniel Reif wrote: > > Hello, > I managed to get the logs coming from the squid using drools and sending > logs through graylog-sidecar. The output was as the image below: > > > > As you can see I created the _size field, is there any way to add the > values of this field? > > My idea is to show how much each user consumed > > > Tks > > Daniel William Reif > > > > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/4926e821-f3e5-4bb8-99c8-ee1f60897154%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
