What is the difference between the patterns used for "regex" and "matches"?

Follow
Avatar
Yavor Atanasov

Hey guys,

We've just starting using sumo logic and it is great. As we are still learning the query syntax we have a question that we cannot find the answer of in your docs.

We are trying to use the "matches" operator but it is not very clear what is the supported format of the pattern that it takes. The docs don't really provide a spec, they just show a few examples:
https://service.sumologic.com/help/Default.htm#Matches_Operator.htm

Does "matches" only support wildcard (e.g. "*Macintosh")? We tried feeding it proper regular expressions, but they seem to not work.

Thanks for your help
Yavor

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Frank Reno

    Hi Yavor:

    Yes you are correct, the matches operator does not support regex, only wildcard. You can use parse regex to parse the data and then use a where clause to filter the data.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post