Nagios Support Forum

Just wondering if any wildcard expressions are available for the filtering section of a dashboard? I've got about 48 web servers that I'd like to put into one dashboard, and if I have to I can do an "either" filter for all 48, but I'd really rather not. Besides, any new hosts will follow a similar naming scheme that a wildcard filter should pick up on.

The * wildcard character can be used in filters but don't use it inside " " quotes unless you want to filter for strings that contain an actual *. You can also use AND OR NOT ( ) - + ! (https://logz.io/blog/kibana-tutorial/) to fine tune a filter.

Ok, so I'm trying to filter some custom Apache logs by the logsource field, I've got a number of servers named "vmNNnxpNN-cv2" and I want to wildcard the two digit numbers (NN). I've tried both asterisks and question marks, and both seem to be looking for exact matches. I also tried two asterisks, in case the asterisk was representing a single wildcard character for some reason, same result.

However, when I tried this with the "host" field, which is an IP, using 192.168.1.*, THAT seems to work. Any thoughts? I can certainly do it that way thanks to the way we do subnets in this case, but it only seems to work on certain fields?

bpizzutiWHI wrote:but it only seems to work on certain fields?

Correct; In this particular case, it largely depends on the underlying data type for a given field. Nagios Log Server dynamically maps all fields to the "best fit" data type and is, in many cases, good at handling IPv4/IPv6 addresses gracefully.

If it were my problem to solve, I'd rig up a grok filter to parse those "vmXXnxpYY-cv2" fields into two distinct fields so I could query them directly.

You can also do regex searches via the GUI (little drop-down next to the search bar, I forget specifically where it is), but I was never able to make them work very well. Perhaps you will have better luck than me

Thanks @mcapra,

@bpizzutiWHI, do you have any more questions or did mcapra's answer work out for you?