it sends the whole /var/log/messages/ withouth filtering it. for exemple the event it's created on a windows machine cbv-0025 but obviously it's it indicate the input source wich is the syslog server. so technically, what i want to do is filter thoses messages and scale them so as it will show me the real source . another thing, it's not showing all the search fields. when i tried GELF input i had alotmore fields than that , so much more details
<https://lh3.googleusercontent.com/-kF-YRBo2RlE/WAnUmEFgARI/AAAAAAAAAdc/tJu5CF9MTk8jkmD5E5qx_Kt2b_1CgmLHgCLcB/s1600/search%2Binfo.png> Le vendredi 21 octobre 2016 10:24:39 UTC+2, Jochen Schalanda a écrit : > > Hi, > > what does "unscaled logs" mean? > > Cheers, > Jochen > > On Friday, 21 October 2016 10:18:56 UTC+2, Benbrahim Anass wrote: >> >> Hi everyone, >> i'm testing Graylog2 with elasticsearch, i've run into this situation >> where graylog recieve unscaled logs from a distant syslog server. >> >> >> <https://lh3.googleusercontent.com/-QbPUHtxNtjM/WAnPXFpiTVI/AAAAAAAAAdI/6SSRJeQ6izgTfE7PBRSmhqh0efrVsWqsgCLcB/s1600/architecture.png> >> >> >> <https://lh3.googleusercontent.com/-ag2xUP1LKdk/WAnPY5wGSgI/AAAAAAAAAdM/_xcNAFqhvqo5oN-3RRLbPmUTOk9AIE2GwCLcB/s1600/scal.png> >> Thanks >> > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/d69d5037-5271-4dd0-9b77-5105e02b0986%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
