Searching specific word in message

(Merces) #1

Hello guys,
This is my first experience to use Graylog. I have read the Searching article Graylog2 but it doesn’t help my case.
So, i have search config like this

gl2_source_input:5b5ff47415ad9360898cbf04 AND file:/var/log/nginx/appname.access.log message:"/otp/login"

After do searching, i get results like these:

[01/Oct/2018:21:48:10 +0700] “GET /otp/c/ajax/isverified HTTP/1.0” 200

[01/Oct/2018:21:48:10 +0700] “POST /otp/login HTTP/1.0” 200

[01/Oct/2018:21:48:11 +0700] “GET /otp/check?code=111 HTTP/1.1” 200

[01/Oct/2018:21:48:09 +0700] “GET /otp/verification/app?user_id=1 HTTP/1.1” 200

I found “/otp/login” (second) there but the 3 others should not be displayed, the first, third, and the fourth.

i have tried message:"\/otp\/login" or type:"/otp/login but it displays what i don’t want to display.

Could you help me guys… I have added AND but it doesn’t display anything (zero result)
Thank you all

(Merces) #2

I have enable “allow_leading_wildcard_searches” to be true
but it doesn’t help

(system) #3

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.