I may have the terms off here. In the stream rules, I can select a field (Event ID, for example), select the operator (match exactly, for example), and then the field of what I want it to match (4688, for example).
The rule only seems to give me the one category/operator/criteria choice per rule. So in the search above, what would the rule structure look like to get the same result?

Thanks for bearing with my noob-ness.

Tp
