Hi, does anyone know how to make a regex work in Kibana like this? Thanks, John
From: [email protected] [mailto:[email protected]] On Behalf Of Janet Sullivan Sent: Monday, April 28, 2014 9:27 AM To: [email protected] Subject: [logstash-users] FW: Regex syntax Given a message line like this: PPE-1 : UI CMD_EXECUTED 4751439 : User vipnet_something - Remote_ip 1.1.1.1 - Command "show something" - Status "Success" Searches of message:/vipnet.*Success/ or message:/vipnet.*"Success"/ don't work. Message:/vipnet.*/ AND message:/Success/ works. Why doesn't the regex seem to work? From: Naoki Kitajima Sent: Monday, April 28, 2014 2:40 AM To: GNS Logstash Subject: Regex syntax Hi Logstash users/admins, I am trying to find the matched lines with two words by regex but Logstash query results seems odd to me. Could you advise me what's wrong here? For example, I want to find the log that includes both "vipnet" and "Success". - Query: message:/vipnet.*Success/ ? This query doesn't match with anything. Why? - Query: message:/.*vipnet.*/ AND message:/Success/ ? This query work. Thanks, Naoki -- Remember: if a new user has a bad time, it's a bug in logstash. --- You received this message because you are subscribed to the Google Groups "logstash-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/0a99e855b7a149f2a47fcc3a8e2d2b80%40BN1PR03MB022.namprd03.prod.outlook.com. For more options, visit https://groups.google.com/d/optout.
