Search error after upgrade to 3.3.9

spawnzao · January 13, 2021, 2:16pm

Hi, I’m having a problem with my searches after updating the graylog from 3.2.6 to 3.3.9

examples:
source:server AND suricata_description:(*RDP* OR *Terminal*)
application_name:zeek_conn AND history:(*C* OR *c*)

error_query

I can’t fix the searches

tmacgbay · January 14, 2021, 7:05pm

Can we assume that you have made sure that leading wildcards are turned on in your Graylog configuration file?

system · January 28, 2021, 7:05pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Upgrade To Opensearch Graylog Central (peer support)	5	174	December 23, 2023
Graylog can not search Graylog Central (peer support)	3	447	October 9, 2017
New user needing some help Graylog Central (peer support)	5	778	February 11, 2019
Still getting search failures under 2.3.1 Graylog Central (peer support)	4	717	September 14, 2017
Is this how you upgrade Graylog to 3.2? Graylog Central (peer support)	8	1428	March 23, 2020