I can't figure out how to search using regexp in loggly.
For example there is log what I want to find using the expression /24nonstop.+7554/
.
{
"level_name": "WARNING",
"extra": {
"uid": "b1b3a7a",
"http": {
"SERVER": {
"REQUEST_URI": "/24nonstop/result?ACT=1&SERVICE_ID=7554&PAY_ACCOUNT=maxudov%40ukr.net%D0%9C%D0%90%D0%A0%D0%9A%D0%A3%D0%A1.777&PAY_ID=BA56136B-93C8-4715-AA5F-51699305C6F2&TRADE_POINT=11057&SIGN=A77D6B3B4CF84CA1B97C8FA5D9E7688D",
...
But in this case loggly finds nothing.
If I use /24nonstop/
then loggly finds logs.
Link for my regexp
Am I searching properly?
According to Regex. Loggly documentation
There are some limitations for regex search:
Regular expressions only work on single tokens when run on a full text search. You cannot do a regex >on a single term that has been split into several tokens due to special characters or other rules. For example, this won’t work because it’s been tokenized, even if we escape the special characters:
/HTTP/1.0/
Unfortunately there is no way to use /
in search pattern, even if it is escaped with \
.