ES 2.4.6, Kibana 4.6.6.
Trying to search for strings containing % character, example:
Sep 7 23:22:56 kritek-sw-001 1567: 17w0d: %LINK-3-UPDOWN: Interface GigabitEthernet1/0/1, changed state to down
I was initially trying to regex %-[0-4]-: but no results get returned, so tried searches with just % and still get no results.
How can I search for % ?
It's possible you need to escape the %, based on how you've indexed your data. I assume the issue is caused by how your data is indexed in elasticsearch. Checkout [1] for similar question
Spencer, thanks for responding. I read the link but I don't understand how thats supposed to help me. I see the % character when I search for messages by hostname, ie; syslog_hostname:sw-001
Sep 8 23:26:34 sw-001 1577: 17w1d: %SYS-5-CONFIG_I: Configured from console by user on vty0 (192.168.15.7)
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.