Hello,
I have configured Elasticsearch for storing Windows event logs. I am able to display it in Grafana using JSON data with selected fields. Now I would like to use filtering.
I have a table containing event_id and event_data.TargetUserName. event_data.TargetUserName can contain user accounts, blanks, and computer accounts. A computer account is in the format servername$.
I need to filter out all blanks and words ending with $.
I tried to make a query like: NOT event_data.TargetUserName: /^.*[^]/ but it didn't work. How do I write a correct filter? I tested that regex with Rubular and it worked there.
Thanks
Jan