Hi! This is an artifact from the fact that elasticsearch lowercases wildcard searches: http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html#_wildcards
I'm trying to find a way around this, unfortunately of course our test data does not contain all uppercase hostnames :( On Friday, January 17, 2014 11:06:59 AM UTC+1, Jean-Luc Bassereau wrote: > > Hello, > > All our Unix Syslog streams enter to graylog with a "low case" server > name, but, for some (yet) unknown reason our MS machines log come to > graylog through NXLOG with an uppercase servername. > > That shouldn't be a big issue but I guess we found a bug. > > When we try a wildcard search on the search bar concerning our Unix > servers (like servername\-*) everything works as expected. > But, when we try the same for our uppercased hostnames (like > SERVERNAME\-*) we have no result whereas a lot of entries are available > when we search the exact uppercased servername. > > -- > Regards, > Jean-Luc Bassereau > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
