How do I make my query case sensitive.
Say I want my search results for "Case Sensitive" and not "CASE sensitive" or "CASE SENSITIVE"
This is what I'm using which isn't helping.
index=foo_foo sourcetype=foo "Is my query CASE(Case Sensitive)"
I've tried using CASE(Case Sensitive) but that didn't help me get the results.
I suspect Splunk is interpreting your search string literally so is not seeing CASE as a function.
Try this:
index=foo_foo sourcetype=foo "Is my query "CASE(Case Sensitive)