18 Nov 14:17
18 Nov 14:18
When I try to download the file, the following error appears: 404: Not Found
I have downloaded the snort extractor from https://marketplace.graylog.org/ and successfully imported appliance-syslog-udp. As per my understanding, all my snort extractors are pointing to system/input -> appliance-syslog-udp -> manage extractors -> Source field: messages.
So I have to use that search -> Fields -> message filter to filter the logs further.
Am I correct?
If yes, I want to use separate search -> Fields -> snort_message or snort_ip, etc.
What is the process to create separate search -> Fields using the snort extractor?