These fields are added by logstash, or more precisely the gelf-rb
module used to format GELF messages. They are added because they are
required fields according to the GELF 1.0 spec.
Did you probably mean values of that fields, but not fields itself? I have
tried to use Syslog UDP
On 22.08.2014 08:29, ellyas ellyas wrote:
Did you probably mean values of that fields, but not fields itself? I
Both, I guess. Because a field can only be present with a value in it.
(We could argue whether the empty string is a valid value for a GELF
facility, but that does not lead anywhere.
Hi!
Am Freitag, 22. August 2014 11:11:12 UTC+2 schrieb Martin Schütte:
have tried to use Syslog UDP input without logstash, and there are also
these 2 fields facility = unknown and level = Invalid [-1]
(values are different from GELF). Version is gone.
That is another topic; BSD
Thanks! I will be setting up an eval instance of GL2 to get some hands-on.
A few questions:
- I started reading about logstash and GL2 and it seems both have
overlapping functionality. Based on your experience, is there any reason
why I should be choosing one over the other? Given this is a
Hi,
Unsure if this has been mentioned somewhere else before but we are
experiencing a minor oddity in the search facility for the Graylog2 Web
Interface.
We are running Graylog server 0.20.6 and Graylog web 0.20.6 (So the latest
version i am aware of) and say we want to search one of our
