I'm a bit lost with a search query in Sumologic. I need to get logs where _sourceHost contains production
In case of SQL it looked like this
WHERE app="my-app" AND _sourceHost LIKE "%production%"
Does somebody knows if it's possible in Sumologic?
try this:
| where _sourceHost matches "*production*"
see also:
https://help.sumologic.com/Search/Search_Query_Language/Search_Operators/matches
https://help.sumologic.com/Search/Search_Query_Language/Search_Operators/where