-
### Problem description
If I use this rule:
```
rule "rewrite source field for LG02"
when
(to_string($message.gl2_remote_ip) == "xxx.xxx.xxx.xxx")
then
set_field("source", "LG02_E6000");
…
```
-
Passing a fixed-length list of group_names to regex doesn't handle optionally-matching groups very well:
`([^ ]+)(?: (.+))?: (.+)`
Better would be to support the standard `(?X)` named capturing groups a…
-
Would it be possible to make this plugin configurable to look at a field in the message other than source?
Assuming "dns_resolver_run_before_extractors=false" is set, the extractors would run first a…
-
### Problem description
Function regex should return all the occurrences that satisfy the given pattern.
It seems that if we use a regex pattern that should find more than one occurrence, the functio…
-
The JSON extractor doesn't cut from field even if the cut option is selected.
```
{
"condition_type": "regex",
"condition_value": "(\\{.*\\})",
"converters": [],
"cursor_strategy": "cut",
"…
```
-
I have 2 extractors.
1. extract json
```
{
"title": "json_extract",
"extractor_type": "json",
"converters": [],
"order": 0,
"cursor_strategy": "copy",
…
```
-
I don't see this in my GitHub searches, so I figured I'd ask here. I ran into an issue with slookup (https://github.com/billmurrin/graylog-plugin-slookup-function/issues/9) for a specific pipeline ru…
-
Hello,
First of all, many thanks for the great job.
I have one question about a pipeline rule:
Could you please explain the following line to me?
let source_timestamp = parse_date(substring(to_str…
-
Hi Gerd,
_This is a future feature / enhancement consideration that could further enrich this great plugin.
Consider it at your leisure and don't feel obligated to add._
It would be useful to have a …
-
Plugin fails when assigned to a stream output on 2.4.6
**com.google.common.util.concurrent.ExecutionError: java.lang.NoClassDefFoundError: Could not initialize class org.graylog2.syslog4j.Syslog at…