Before you post: Your responses to these questions will help the community help you. Please complete this template if you’re asking a support question.
Don’t forget to select tags to help index your topic!
1. Describe your incident:
I am searching for msg=”” occurrences in my log files using Graylog 4.3. I use message:”msg=\”\”” to do the search and escape the ““ as I think would be expected. But my result set doesn’t only return msg=”” but it also returns msg=”1” etc. It is almost as if I used msg=”*”. This is not the expected result and I am strictly looking for msg=””
2. Describe your environment:
-
OS Information: Rocky Linux 8.10
-
Package Version: Graylog 4.3
-
Service logs, configurations, and environment variables:
3. What steps have you already taken to try and solve the problem?
I have tried to use msg.keyword:”” instead of message:”msg=\”\””. I have also used full_message instead of message. But none get to my desired result.
4. How can the community help?
Is there something I am missing? I would appreciate the community advice on this topic.
Helpful Posting Tips: Tips for Posting Questions that Get Answers [Hold down CTRL and link on link to open tips documents in a separate tab]