Hello,
Does anybody know how to search for numbers (IPs) in the message field of logtype syslog? We noticed that when we create a filter where the field is message and try to find numbers, nothing can be found. If the logtype is event log, then a similar filter works.
br
Toni
Search numbers(IP's) from syslog message field
Re: Search numbers(IP's) from syslog message field
Hello ToniE,
Lucene queries can be very difficult and annoying to sculpt correctly and I understand your frustration. You can use the following query to search for syslogs with an IP address:
type:syslog AND message:/(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}/
This will match IP addresses in the message section of syslog messages.
February: Fostering a fruitful forum with fun formulations. Fear not for our fellowship of friendly fellows will fervently find fixes for flaws found on this forum. Feel free to follow-up with feedback if I fail to fulfill my function fully.
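An added example, not part of the original posts: a Python check of the IPv4 pattern from the query above against constructed syslog lines, useful for trying the pattern offline before saving it as a filter. It assumes the message field is analyzed into terms and relies on Lucene regexps having to match a whole term (emulated with `re.fullmatch`); the tokenizer and the helper names `terms`, `term_hits` and `substring_hit` are simplifications made for this example.

```python
import re

# Pattern copied from the query above (the text between the Lucene /.../ delimiters).
IPV4 = re.compile(
    r"(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])"
    r"(\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])){3}"
)

# Assumption: a rough stand-in for the index analyzer. Runs of letters/digits
# joined by dots stay one term; every other character separates terms.
TERM = re.compile(r"[0-9A-Za-z]+(?:\.[0-9A-Za-z]+)*")

# Constructed sample syslog lines (not taken from the thread).
SAMPLES = [
    "Feb  3 10:14:02 fw01 kernel: DROP IN=eth0 SRC=192.168.10.25 DST=10.0.0.5 PROTO=TCP",
    "Feb  3 10:14:07 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 52211 ssh2",
    "Feb  3 10:15:30 app01 updater: installed agent build 999.10.10.10",
    "Feb  3 10:16:11 app01 updater: package version 1.2.3.4.5 available",
]


def terms(message):
    """Split a message into index-like terms (simplified tokenizer)."""
    return TERM.findall(message)


def term_hits(message):
    """Terms the pattern matches in full, as a whole-term regexp would."""
    return [t for t in terms(message) if IPV4.fullmatch(t)]


def substring_hit(message):
    """First unanchored match, as grep-style substring matching would report."""
    m = IPV4.search(message)
    return m.group(0) if m else None


if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{line}\n  whole-term: {term_hits(line)}"
              f"\n  substring:  {substring_hit(line)}")
```

The last two sample lines show the difference that matters when reusing this pattern elsewhere: whole-term matching rejects `999.10.10.10` and `1.2.3.4.5`, while an unanchored search reports the address-like substrings inside them.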
Re: Search numbers(IP's) from syslog message field
There is a new natural language feature in Nagios Log Server that helps in circumstances like this. Head to admin --> global settings --> experimental feature and provide an OpenAI API key.