Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Search query in Sumologic - Contains

Tags:

sumologic

I'm a bit lost with a search query in Sumologic. I need to get logs where _sourceHost contains production

In case of SQL it looked like this

WHERE app="my-app" AND _sourceHost LIKE "%production%"

Does somebody knows if it's possible in Sumologic?

like image 534
Vitalii Avatar asked Oct 21 '25 11:10

Vitalii

2 Answers

try this:

| where _sourceHost matches "*production*"

see also:

https://help.sumologic.com/Search/Search_Query_Language/Search_Operators/matches

https://help.sumologic.com/Search/Search_Query_Language/Search_Operators/where

like image 51
Christian Beedgen Avatar answered Oct 24 '25 11:10

Christian Beedgen

You can add wildcards to your string for _sourcehost= I don't know if app= is a part of your string or if it's an indexed value. If it's just part of the log string, it would look like this:

"app=\"my-app\"" AND _sourceHost=*production*

Otherwise it might be

app=my-app AND _sourceHost=*production*

One step further, you can use the wildcards in the middle of strings too, e.g.,

prod*box would match prod553box or prod999box or prodfoobox

like image 37
bikeonastick Avatar answered Oct 24 '25 11:10

bikeonastick
Sign in to Comment

Related questions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!