Hi, I’m having a problem with my searches after updating the graylog from 3.2.6 to 3.3.9
examples:
source:server AND suricata_description:(*RDP* OR *Terminal*)
application_name:zeek_conn AND history:(*C* OR *c*)
I can’t fix the searches
1 Like
Can we assume that you have made sure that leading wildcards are turned on in your Graylog configuration file?