Are you using the prebuilt filter via this method? Also are you using a
relative or absolute time range search?
1. Find message that contains the field you want to filter by
2. Expand message by clicking (to show all fields with the Magnifying logo)
3. Click on the Magnifying logo for the field
Hi Claus,
certain characters have to be escaped in the Lucene query syntax (which is
being used by Graylog and Elasticsearch), see
http://docs.graylog.org/en/1.1/pages/queries.html#escaping for details.
Cheers,
Jochen
On Tuesday, 8 September 2015 10:31:14 UTC+2, Claus Koell wrote:
>
> Hi !
>
Hi again !
Forgot to escape the ':' character
source_file:"C\:\\Program
Files\\IBM\WebSphere\\AppServer8\\profiles\\AppSrv01\\logs\\MyServer\\SystemOut.log"
but nothing wil be found.
Do i overlook something?
--
You received this message because you are subscribed to the Google Groups
