Hi,
I would like to use Timelion as follow
This is the request :
.es(q='msg: "*Detected server" AND msg: "started" AND tags: "SystemOut"', index=ref_rfnd*)
Request result
Detected server DPZ_500 started on node EXAMPLE1
Detected server DPZ_500 started on node EXAMPLE2
Detected server DPZ_500 started on node EXAMPLE2
Detected server DPZ_500 started on node EXAMPLE3
Detected server DPZ_500 started on node EXAMPLE4
Detected server DPZ_500 started on node EXAMPLE1
I would like to label on node name i.e : EXAMPLE( i )
But i did not succeed to use regex on label.
I dont know how to proceed.
I tried this expression but its not working:
es(q='msg: "Detected server" AND msg: "started" AND tags: "SystemOut"', index=ref_rfnd).label("Node $1, "Detected\sserver\sDPZ_500\sstarted\son\snode\s(\w+)")
whereas I tested the regex succesfully in Regexp Tester.
Some one can help me ?
Regards