Hi, You should use streams, with one rule filtering all logs from the windows server only, and the second rule defining the timestamp range that the log should have, with regexes. I will post an example tomorrow if you still need it.
Cheers. -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/2212ce21-52cb-499e-87d7-2fe61ce38763%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
