route to stream doesn't allow remove from "ALL Messages"

[gruselglatz]

Problem description

If I use this rule:

rule "rewrite source field for LG02"
when
  (to_string($message.gl2_remote_ip) == "xxx.xxx.xxx.xxx")
then
  set_field("source", "LG02_E6000");
  route_to_stream("CMTS Stream");
  route_to_stream("CMTS Alerting");
end

it also routes it to the default stream "ALL MESSAGES" and this replicates the messages to another index set.

It should be possible or the default behaviour to only route the messages in the given streams.
Also the Stream stats are broken when you use route_to_stream, this means, even when messages are incomming, it shows 0 messages/second.

Steps to reproduce the problem

see above.

Environment

Graylog 2.3.1+9f2c6ef on syslog.xyz.local (Oracle Corporation 1.8.0_144 on Linux 3.10.0-514.26.2.el7.x86_64)

Pipeline Processor Plugin | 2.3.1

[kroepke]

@gruselglatz nice timing!

I've just pushed code at #220

After review that will be part of 2.4.

Stream stats will be a bit more difficult and might not be part of the changeset (which is why I'll leave this one open for now).