Hi Ryan,

normally, you would use individual streams in Graylog to provide a specific 
view on your data: http://docs.graylog.org/en/2.1/pages/streams.html

For example this URL searches for the string "Removed Session" (the "q" 
query parameter) in the stream with ID 56b10473e4b0bcb63971300a (which 
contains syslog messages of a system) in a time window of 1 hour (the 
"relative" query parameter):



On Wednesday, 14 September 2016 19:48:37 UTC+2, Ryan Waldron wrote:
> I am evaluating moving our centralized logging from elasticsearch/kibana 
> to graylog. Our current setup has several external applications that link 
> directly to specific Kibana searches by generating the proper parameters in 
> the URL. Eg:
> http://mycentral.log/app/kibana#/discover?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:'2016-09-14T17:20:00.000Z
> ',mode:absolute,to:'2016-09-14T17:25:00.000Z'))&_a=(columns:!(_source),filters:!(),index:logstash-1,interval:auto,query:(query_string:(analyze_wildcard:!t,query:'*')),sort:!(timestamp,desc),vis:(aggs:!((params:(field:programname,orderBy:'2',size:20),schema:segment,type:terms),(id:'2',schema:metric,type:count)),type:histogram))&indexPattern=graylog_0&type=histogram
> As you can see, we can generate a URL on the fly that has control over 
> most of the search and display functions available in Kibana. We use this 
> to link directly to specific application logs for less technologically 
> inclined staff.
> It appears from the URL of the Graylog web interface that it uses some 
> kind of hash to link to specific content. Is there a way to generate these 
> on the fly to link to specific information within the system? I have 
> searched for a while today and I can't seem to find any documentation on 
> the subject.
> Thanks in advance for any assistance.

You received this message because you are subscribed to the Google Groups 
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to graylog2+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to