Hello is there a way to get this search case INsensitive?
winlogbeat_event_id:4624 AND (winlogbeat_event_data_TargetUserName:administrator
you might already know that part of the documentation: https://docs.graylog.org/en/3.1/pages/queries.html
How you search case insensitive really depends on how the data is saved in Elasticsearch itself - but you could make a regex search for example.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.