query syntax for searching for "#Success"

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
newmember
Posts: 43
Joined: Sat Sep 03, 2016 2:54 pm

query syntax for searching for "#Success"

Post by newmember »

Good day,

I am trying to figure out to search for this string "#Success'

If I search for "#Success" I get all strings with 'success' missing the "#"

I tried regex /W+uccess \/W+uccess\

So I would like to query for the "#" and capital "S"


Thanks
Top
newmember
Posts: 43
Joined: Sat Sep 03, 2016 2:54 pm

Re: query syntax for searching for "#Success"

Post by newmember »

I am going to use a GROK statement to filter this into a feild and strip off the "#", a long with the other feilds in the logline.

Code: Select all

...
^#%{WORD:Result}
...

Thanks
Top
scottwilkerson
DevOps Engineer
Posts: 19396
Joined: Tue Nov 15, 2011 3:11 pm
Location: Nagios Enterprises
Contact:
Contact scottwilkerson

Re: query syntax for searching for "#Success"

Post by scottwilkerson »

newmember wrote:I am going to use a GROK statement to filter this into a feild and strip off the "#", a long with the other feilds in the logline.

Code: Select all

...
^#%{WORD:Result}
...

Thanks
This is likely the best bet because with analyzed fields you aren't able to search for a #
Former Nagios employee
Creator:
Human Design Website
Get Your Human Design Chart
Top
Locked

Return to “Nagios Log Server”