When searching, how do I exclude log messages that contain a certain string? E.g. if I don’t want to see health checks like:
- - - [05/Dec/2019:15:18:33 -0800] "GET /admin/health HTTP/1.0" 200 15 "-" "nginx (health check g2s_status_up)" "-" 10.0.0.0 0.187
I’ve tried searching with:
NOT health
NOT “(health”
NOT “/admin/health”
And yet I still get results like the above.
I also have some kinds of healthchecks in my environment and here is what I can tell: if these requests are really meaningless it’s better to avoid them at all.
There are 2 possible ways: avoid it on Nginx level (https://docs.nginx.com/nginx/admin-guide/monitoring/logging/) or drop such messages using Pipeline
Thanks for the suggestion. The health check is just my example. I was just looking for a general example and it looks like someone I work with found it.
I needed to do
NOT message:health*
Note that case for boolean terms like NOT and AND appears to be important.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.