Hello,
Does anybody know how to search for numbers (IPs) in the message field of logtype syslog? We noticed that when we create a filter where the field is message and try to find numbers, nothing can be found. If the logtype is event log, then a similar filter works.
br
Toni
Search numbers(IP's) from syslog message field
Re: Search numbers(IP's) from syslog message field
Hello ToniE,
Lucene queries can be very difficult and annoying to sculpt correctly and I understand your frustration. You can use the following query to search for syslogs with an IP address:
type:syslog AND message:/(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}/
This will match IP addresses in the message section of syslog messages.
Actively advancing awesome answers with ardent alliteration, aptly addressing all ambiguities. Amplify your acumen and avail our amicable assistance. Eagerly awaiting your astute assessments of our advice.
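Added example, not part of the original reply: the octet pattern from the query above, checked offline in Python against constructed messages before relying on it in a filter. The record shape (dicts with `type` and `message` keys) and the sample lines are assumptions made for the test; the lookarounds are a Python-side addition because `re` searches are unanchored, whereas a Lucene regexp must match a whole indexed term.

```python
import re

# Octet alternation copied from the regexp in the query above.
OCTET = r"(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])"

# Python's re.search is unanchored, so guard both ends: no digit or "digit."
# directly before the match, no digit or ".digit" directly after it.
IPV4 = re.compile(rf"(?<!\d)(?<!\d\.){OCTET}(?:\.{OCTET}){{3}}(?!\d|\.\d)")


def extract_ipv4(message):
    """Return every dotted-quad IPv4 address found in one log message."""
    return IPV4.findall(message)


def syslog_with_ip(records):
    """Mirror `type:syslog AND message:/.../`: keep syslog records whose
    message holds at least one address, paired with the addresses found."""
    hits = []
    for rec in records:
        if rec.get("type") != "syslog":
            continue
        found = extract_ipv4(rec.get("message", ""))
        if found:
            hits.append((rec["message"], found))
    return hits


# Constructed sample records (hypothetical, not taken from the thread).
SAMPLE = [
    {"type": "syslog", "message": "sshd[2211]: Failed password for root from 203.0.113.7 port 52110 ssh2"},
    {"type": "syslog", "message": "kernel: DROP SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP"},
    {"type": "syslog", "message": "updater: installed agent 1.2.3.4.5 build 999.1.1.1"},
    {"type": "syslog", "message": "pam: session closed for 192.0.2.44."},
    {"type": "eventlog", "message": "Logon from 192.0.2.99"},
]

if __name__ == "__main__":
    for message, addrs in syslog_with_ip(SAMPLE):
        print(addrs, "<-", message)
```

The third sample shows the failure mode worth testing for: version strings and out-of-range octets look like addresses to a looser pattern and would pollute a dashboard or alert built on the filter.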
Re: Search numbers(IP's) from syslog message field
There is a new natural language feature in Nagios Log Server that helps in circumstances like this. Head to admin --> global settings --> experimental feature and provide an OpenAI API key.