Graylog2 / graylog2-server

Free and open log management
https://www.graylog.org

Add to query in a Saved Search #11649

Open H2Cyber opened 2 years ago

H2Cyber commented 2 years ago

What and why?

A common task for Graylog users involves pivoting from one Saved Search to another. For example, a user would:

  1. Load Saved Search 1
  2. Search for a particular IP address in Saved Search 1
  3. Deduce the username associated with that IP address
  4. Load Saved Search 2
  5. Search for the deduced username in Saved Search 2
  6. Etc.

To reduce the time and effort spent in pivoting from one saved search to another, the idea of this feature request is to add an extra option similar to "Add to query", named "Add to query in a saved search" (see example in picture below).

When selecting this new option, the user would be prompted to select one of his Saved Searches, where the query will be added.

Add to query in a saved search

Your Environment

prot0sub commented 2 years ago

Hope this feature request gets the attention it needs. It would be a great time saver, as pivoting from one saved search to another is something that we do day in, day out.