Log_Muncher
September 12, 2014, 2:05pm
#1
Hi,
One of my servers appears to be feeding nonsense into Fluentd which is then
Is it possible to use regex in queries ?
The syslog message content is always the same.... they start with numbers
Is there a way to do the equivalent of ^\d+) in a elastic search query ?
Thanks !
--elasticsearch+unsubscribe@googlegroups.com .https://groups.google.com/d/msgid/elasticsearch/19b17dc5-f188-4223-8d72-40732112814c%40googlegroups.com .https://groups.google.com/d/optout .
Hi ,
If this pattern is a single word , regex query might do the trick -http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl-regexp-query.html#query-dsl-regexp-query
Thanks
On Fri, Sep 12, 2014 at 7:35 PM, Log Muncher railroaderslament@gmail.com
Hi,
One of my servers appears to be feeding nonsense into Fluentd which is
Is it possible to use regex in queries ?
The syslog message content is always the same.... they start with numbers
Is there a way to do the equivalent of ^\d+) in a elastic search query ?
Thanks !
--elasticsearch+unsubscribe@googlegroups.com .https://groups.google.com/d/msgid/elasticsearch/19b17dc5-f188-4223-8d72-40732112814c%40googlegroups.com https://groups.google.com/d/msgid/elasticsearch/19b17dc5-f188-4223-8d72-40732112814c%40googlegroups.com?utm_medium=email&utm_source=footer https://groups.google.com/d/optout .
--elasticsearch+unsubscribe@googlegroups.com .https://groups.google.com/d/msgid/elasticsearch/CAGdPd5n4yowfX98esw1MuUxDtVSjyxRtNHvnjqarnZ20o32N0A%40mail.gmail.com .https://groups.google.com/d/optout .
nik9000
September 12, 2014, 5:11pm
#3
If not you can write a script filter that runs the regex. Its slow but it
On Fri, Sep 12, 2014 at 11:33 AM, vineeth mohan vm.vineethmohan@gmail.com
Hi ,
If this pattern is a single word , regex query might do the trick -http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/query-dsl-regexp-query.html#query-dsl-regexp-query
Thanks
On Fri, Sep 12, 2014 at 7:35 PM, Log Muncher railroaderslament@gmail.com
Hi,
One of my servers appears to be feeding nonsense into Fluentd which is
Is it possible to use regex in queries ?
The syslog message content is always the same.... they start with numbers
Is there a way to do the equivalent of ^\d+) in a elastic search query ?
Thanks !
--elasticsearch+unsubscribe@googlegroups.com .https://groups.google.com/d/msgid/elasticsearch/19b17dc5-f188-4223-8d72-40732112814c%40googlegroups.com https://groups.google.com/d/msgid/elasticsearch/19b17dc5-f188-4223-8d72-40732112814c%40googlegroups.com?utm_medium=email&utm_source=footer https://groups.google.com/d/optout .
--elasticsearch+unsubscribe@googlegroups.com .https://groups.google.com/d/msgid/elasticsearch/CAGdPd5n4yowfX98esw1MuUxDtVSjyxRtNHvnjqarnZ20o32N0A%40mail.gmail.com https://groups.google.com/d/msgid/elasticsearch/CAGdPd5n4yowfX98esw1MuUxDtVSjyxRtNHvnjqarnZ20o32N0A%40mail.gmail.com?utm_medium=email&utm_source=footer
For more options, visit https://groups.google.com/d/optout .
--elasticsearch+unsubscribe@googlegroups.com .https://groups.google.com/d/msgid/elasticsearch/CAPmjWd3hmLjyw-LZ5sKFUCvyOujD_aj5VUymNh8U19Qfp9ALbQ%40mail.gmail.com .https://groups.google.com/d/optout .