opc40772 / pfsense-graylog

Pfsense Logs Parsed by Graylog
GNU General Public License v3.0

Trouble with pipeline rule #1

Open mikael-andre opened 6 years ago

mikael-andre commented 6 years ago

Hello,

First of all, many thanks for the great job.

I have one question about the Pipeline rule: could you please explain the following line to me?

let source_timestamp = parse_date(substring(to_string(now("America/Habana")),0,23), "yyyy-MM-dd'T'HH:mm:ss.SSS");

In my Pipeline statistics, no message is matching the rule. It's probably the reason I see nothing in my Grafana dashboard.

Many thanks.

mipsou commented 6 years ago

Change setting "Message Processors Configuration". The order in 1° place is

unbaiat commented 6 years ago

@mips81 may god bless your soul

opc40772 commented 6 years ago

@mips81 The correct order will be: (image) Geoip Resolver must be at the end. (image)

yaaarg32 commented 5 years ago

This fixed my issue too. Thanks!

opc40772 commented 5 years ago

I am pleased to know that you solved the problem.

Makr91 commented 5 years ago

This also fixed my problem, I recommend adding this to the installation guide.

lephisto commented 4 years ago

I might have an issue, I don't understand.

Processor order is fine, I get srcip fields filled. Grafana bar graphs / histogram show location infos. What's (imho) missing is the conversion to src_location to enable the Grafana worldmap panel to read it. ES 6.8.4 (happens in 6.8.3 as well).

opc40772 commented 4 years ago

Someone made an Elasticsearch 6.x template and a Graylog 3 content pack. This repository works with Elasticsearch 5.x and Graylog 2.x. Go to https://github.com/devopstales/pfsense-graylog and test.

lephisto commented 4 years ago

Oh yeah, I'm probably in the wrong repo. I have that devopstales stuff running. Never mind.