Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

query syntax for searching for "#Success"

https://support.nagios.com/forum/viewtopic.php?t=57994

Page 1 of 1

query syntax for searching for "#Success"

Posted: Sat Mar 28, 2020 3:15 pm
by newmember
Good day,

I am trying to figure out to search for this string "#Success'

If I search for "#Success" I get all strings with 'success' missing the "#"

I tried regex /W+uccess \/W+uccess\

So I would like to query for the "#" and capital "S"


Thanks

Re: query syntax for searching for "#Success"

Posted: Sun Mar 29, 2020 5:45 pm
by newmember
I am going to use a GROK statement to filter this into a feild and strip off the "#", a long with the other feilds in the logline.

Code: Select all

...
^#%{WORD:Result}
...

Thanks

Re: query syntax for searching for "#Success"

Posted: Mon Mar 30, 2020 2:25 pm
by scottwilkerson
newmember wrote:I am going to use a GROK statement to filter this into a feild and strip off the "#", a long with the other feilds in the logline.

Code: Select all

...
^#%{WORD:Result}
...

Thanks
This is likely the best bet because with analyzed fields you aren't able to search for a #
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited