Hi,
I’m evaluating the gelf writer to graylog 3.x and it works basically, but I don’t want to store every check result in my elasticsearch backend.
Is there a way to filter out specific events on the icinga side or do I have to filter out the unwanted messages on the graylog side?
Also there was a config option for HA in the docu, but icinga (2.10.5) does not accept it.
Docu-bug? Even without this option there are no doubled messages 
Greetings
Manfred
Hi,
You have to filter on the Graylog side, the features just fire&forget towards receivers.
Snapshot docs only, this is not yet released and comes with 2.11.
Cheers,
Michael
Hi,
thanks for the info.
I’m using some custom vars within Icinga like location, host type and role.
It would be nice to send these additional tags to Graylog - maybe in a way like
the influxdb writer offers. Feature request?!
Are there any plans to realize a writer for message brokers (MQTT,…)?
Other systems like umbrella management systems could subscribe to state changes or alerts
without need to send them out individually to each of them.
Cheers,
Manfred
Hi,
Already there, waiting for sponsors: https://github.com/Icinga/icinga2/issues/6149
Not at the moment, since you can consume the API event stream with a small middleware daemon by yourself which then publishes to MQTT and other bus systems.
Cheers,
Michael