Hi Ryan, normally, you would use individual streams in Graylog to provide a specific view on your data: http://docs.graylog.org/en/2.1/pages/streams.html
For example this URL searches for the string "Removed Session" (the "q" query parameter) in the stream with ID 56b10473e4b0bcb63971300a (which contains syslog messages of a system) in a time window of 1 hour (the "relative" query parameter): https://graylog.example.com/streams/56b10473e4b0bcb63971300a/search?rangetype=relative&relative=3600&q="Removed+session"; Cheers, Jochen On Wednesday, 14 September 2016 19:48:37 UTC+2, Ryan Waldron wrote: > > I am evaluating moving our centralized logging from elasticsearch/kibana > to graylog. Our current setup has several external applications that link > directly to specific Kibana searches by generating the proper parameters in > the URL. Eg: > > > http://mycentral.log/app/kibana#/discover?_g=(refreshInterval:(display:Off,pause:!f,value:0),time:(from:'2016-09-14T17:20:00.000Z > ',mode:absolute,to:'2016-09-14T17:25:00.000Z'))&_a=(columns:!(_source),filters:!(),index:logstash-1,interval:auto,query:(query_string:(analyze_wildcard:!t,query:'*')),sort:!(timestamp,desc),vis:(aggs:!((params:(field:programname,orderBy:'2',size:20),schema:segment,type:terms),(id:'2',schema:metric,type:count)),type:histogram))&indexPattern=graylog_0&type=histogram > > As you can see, we can generate a URL on the fly that has control over > most of the search and display functions available in Kibana. We use this > to link directly to specific application logs for less technologically > inclined staff. > > It appears from the URL of the Graylog web interface that it uses some > kind of hash to link to specific content. Is there a way to generate these > on the fly to link to specific information within the system? I have > searched for a while today and I can't seem to find any documentation on > the subject. > > Thanks in advance for any assistance. > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a13d02e4-7db2-49fb-b921-76f88a14c0f5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
