Graylog newbie here. I was wondering how I could check the flow of messages between dependent services in logs in Graylog. I'll give a small instance to make myself clear. Let's say there are 4 services: A, B, C and D. How do I find this or trace this flow in Graylog:
A->B->C->D->A->C(crash).
Any answer would be appreciated as I am struggling to find answers for this. Thanks!
In order to tie these messages together, you need some sort of a key value. Some element that is present in all four log sources that lets you know they are related.
It could be a hostname, or an IP. Anything common between the four will do.
If you don’t have a key value, you will have to write a query that includes all four sources.
Something like “source:A OR B OR C OR D”. Then use timestamps to establish the sequence you are looking for.
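The key-value approach from the answer above, as an added example that is not part of the original thread: it groups exported messages by a shared field and orders each group by timestamp to recover a flow such as A->B->C->D->A->C. The `request_id` field, the sample rows and the function names are assumptions made for the illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample rows: (time, source, request_id, message), deliberately
# out of order. "request_id" is an assumed custom field that every service
# would have to log itself. Without such a field, a Graylog query like
# source:(A OR B OR C OR D) narrows the search to the four services and
# only the timestamp ordering is left to establish the sequence.
ROWS = [
    ("10:00:00.250", "C", "r-1", "called by B"),
    ("10:00:00.000", "A", "r-1", "request received"),
    ("10:00:00.300", "A", "r-2", "request received"),
    ("10:00:00.610", "C", "r-1", "fatal: crash"),
    ("10:00:00.120", "B", "r-1", "called by A"),
    ("10:00:00.200", "D", None, "health check"),  # carries no key value
    ("10:00:00.400", "D", "r-1", "called by C"),
    ("10:00:00.450", "B", "r-2", "called by A"),
    ("10:00:00.530", "A", "r-1", "called by D"),
]
SAMPLE = [
    {"timestamp": f"2024-01-01T{t}Z", "source": s, "request_id": r, "message": m}
    for t, s, r, m in ROWS
]

def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp with a trailing Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def trace_flows(messages, key="request_id"):
    """Group messages by the shared key, then order each group by time."""
    groups = defaultdict(list)
    for position, msg in enumerate(messages):
        # Messages without the key land under None instead of being dropped.
        groups[msg.get(key)].append((parse_ts(msg["timestamp"]), position, msg))
    return {
        # Sort by time; equal timestamps keep their original order.
        value: [msg for _, _, msg in sorted(items, key=lambda item: item[:2])]
        for value, items in groups.items()
    }

def flow_path(ordered):
    """Render an ordered message list as a hop chain of sources."""
    return "->".join(msg["source"] for msg in ordered)

if __name__ == "__main__":
    for value, ordered in trace_flows(SAMPLE).items():
        print(value, flow_path(ordered), "| last:", ordered[-1]["message"])
```

The last message of each group shows where that flow ended, which for a crash is usually the first place to look.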