Hi, I’m having a problem with my searches after updating the graylog from 3.2.6 to 3.3.9

examples:
source:server AND suricata_description:(*RDP* OR *Terminal*)
application_name:zeek_conn AND history:(*C* OR *c*)

I can’t fix the searches

Can we assume that you have made sure that leading wildcards are turned on in your Graylog configuration file?

(Search query language — Graylog 3.3.8 documentation)

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.