Searching for multiple terms

jorumball · May 14, 2019, 4:53pm

Relative Graylog newbie here. I am scratching my head here because nothing I try here seems to yield the expected results.

In our logs is a Message field that contains the complete text of our ASA log entry.

I am trying to search in that field only, for multiple terms… like a syslog code and a username but nothing I try works.

Example: %ASA-4-113019 AND jsmith

This doesn’t work. Is my syntax wrong or can this type of search not be done?

Thanks.

John

megan201296 · May 14, 2019, 9:45pm

Did you try putting the phrases in quotes? i.e. “%ASA-4-113019” AND ”jsmith”?

jan · May 16, 2019, 10:55am

did you checked the docs on that?

system · May 30, 2019, 10:55am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Multiple filter in query Graylog Central (peer support)	2	5581	July 14, 2020
Search matching by field Graylog Central (peer support)	3	357	August 14, 2019
Graylog returning one thing in search and another in testing the extractor Graylog Central (peer support)	1	254	April 30, 2019
Help with search logic for complex query Graylog Central (peer support)	5	1063	June 30, 2020
Best way to search for this text Graylog Central (peer support)	2	1580	September 14, 2018