Hi,
My regexes and conditions in my previous post are wrong.
The stream should have two rules:
1) source must match the server(s) name
2) the timestamp should match either between 22 and 00 or between 00 and 06.
If you're not familiar with regexes, I highly suggest you learn to
create/use them. If you're going to play with graylog or logs in general,
it's gonna be hard to work without them.
Here you want to make a regex for the field timestamp (seen when you
unwrap a log on the search page). It should look like this:
2016-11-30T07:30:10.255Z
The following regex should work to catch all logs between 10 pm and 6 am
(quickly tested and worked)
[0-9]{4}-[0-9]{2}-[0-9]{2}((T0[0-6]:.+)|(T2[2-3]:.+))
I'll add an explanation later if you don't understand it, when I have time.
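An added example, not part of the original post: it runs the regex above over constructed timestamps to list exactly which hours it accepts, and combines it with a source rule the way the two stream rules are described. The server-name pattern `srv-db-[0-9]+`, the sample messages and the use of search (find) semantics are assumptions.

```python
import re

# Regex from the post, applied to the "timestamp" field value.
OFF_HOURS = re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}((T0[0-6]:.+)|(T2[2-3]:.+))")

# Hypothetical server-name pattern for rule 1 (not from the post).
SOURCE = re.compile(r"^srv-db-[0-9]+$")


def hours_matched(pattern=OFF_HOURS):
    """Return the hours of the day (0-23) whose timestamps the pattern accepts."""
    return [h for h in range(24)
            if pattern.search(f"2016-11-30T{h:02d}:30:10.255Z")]


def in_stream(message):
    """Both rules must match: source is a known server AND time is off-hours."""
    return bool(SOURCE.search(message["source"])
                and OFF_HOURS.search(message["timestamp"]))


# Constructed sample messages (not real log data).
SAMPLES = [
    {"source": "srv-db-01", "timestamp": "2016-11-30T07:30:10.255Z"},  # daytime
    {"source": "srv-db-01", "timestamp": "2016-11-30T23:15:00.000Z"},  # late evening
    {"source": "srv-db-02", "timestamp": "2016-12-01T06:59:59.999Z"},  # hour 06 boundary
    {"source": "web-01", "timestamp": "2016-12-01T02:00:00.000Z"},     # other host
    {"source": "srv-db-01", "timestamp": "2016-11-30T21:59:59.000Z"},  # just before 22
]


def routed(samples=SAMPLES):
    """Timestamps of the sample messages that both rules would route."""
    return [m["timestamp"] for m in samples if in_stream(m)]


if __name__ == "__main__":
    print("hours accepted:", hours_matched())
    for ts in routed():
        print("routed:", ts)
```

The hour list shows that `T0[0-6]` accepts everything up to 06:59:59, and the trailing `Z` in the timestamp means the hours compared are UTC, not local time.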