{"id":19788331,"url":"https://github.com/graylog2/graylog-schema","last_synced_at":"2025-05-01T00:30:57.876Z","repository":{"id":39586089,"uuid":"292346089","full_name":"Graylog2/graylog-schema","owner":"Graylog2","description":"Repository for Graylog Schema files and Documentation","archived":false,"fork":false,"pushed_at":"2024-05-08T18:38:40.000Z","size":180,"stargazers_count":2,"open_issues_count":28,"forks_count":4,"subscribers_count":13,"default_branch":"1.0","last_synced_at":"2024-05-08T20:32:14.324Z","etag":null,"topics":["documentation","graylog","logging","schema"],"latest_commit_sha":null,"homepage":"https://schema.graylog.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Graylog2.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-09-02T17:14:06.000Z","updated_at":"2024-05-08T20:32:14.325Z","dependencies_parsed_at":"2023-02-01T06:31:06.137Z","dependency_job_id":"7f87d0a0-b6c4-4f99-a64a-e7e573d539e2","html_url":"https://github.com/Graylog2/graylog-schema","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-schema","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-schema/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-schema/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-schema/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Graylog2","download_url":"https://codeload.github.com/Graylog2/graylog-schema/tar.gz/refs/heads/1.0","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224229132,"owners_count":17277137,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["documentation","graylog","logging","schema"],"created_at":"2024-11-12T06:26:53.220Z","updated_at":"2024-11-12T06:26:53.855Z","avatar_url":"https://github.com/Graylog2.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Graylog Schema\n\nWelcome to the Graylog Information Model (GIM).  The Schema is broken down into sections, like \"File\" or \"Destination\" with all meta data fields below that link.\n\n[Graylog Illuminate](http://www.graylog.com/ \"Graylog\") will utilize this schema for all the content it will be creating.  This guide will the be official reference, and should be used if you are creating your own content, and want it to match with our content we create.\n\nIf you take any log source, and put the user name into a field called `user_name`, then any dashboard or alert created with Illuminate will work as well.\n\n# Graylog Template\n\nDuring processing of the logs, data from the logs are inserted into Elasticsearch as \"keywords\", meaning they are not modified in any way, and stored as-is.  This means the follow data points are unique:\n\n`Administrator`  or `administrator`\n\nIf you are doing a search in the Graylog UI, you would have to search for both of the terms, or know exactly which one to search for.  Fields like `user_name` make sense to have the ability to search without worrying about the case of the word.\n\nIn order to ensure these options are accounted for, a custom analyzer has been included in the Graylog Schema template, called \"loweronly\".  Fields normalized with \"loweronly\" will be converted to lowercase before the data is indexed, and search query strings for these fields will be converted to lowercase as well when ran.  Pages in the schema, will list these fields as `keyword/loweronly` for reference.\n\n# Graylog Help\n\nIf you see any suggestions, or feature requests for this project, please submit a issue [here](https://github.com/Graylog2/graylog-schema/issues).\n\nHappy Logging!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgraylog2%2Fgraylog-schema","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgraylog2%2Fgraylog-schema","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgraylog2%2Fgraylog-schema/lists"}