Multiple label filters with OR?

sgofferj · November 15, 2024, 10:57am

Found it:

{job="defiant", appname="snort"} | pattern `[<gid>:<sid>:<rev>] "<class> <message>" [Classification: <classification>] [Priority: <priority>] {<proto>} <src>:<spt> -> <dst>:<dpt>` | (classification =~ `.*(Attempt|Attack).*` OR message =~ `.*(login attempt|[Aa]ttack).*`)

Topic		Replies	Views
How to use logQL query a or b in a single line,just like {job="ck_logs"} \|= "a" or "b" Grafana Loki	1	382	September 26, 2022
LogQL: Logical "OR" on stream selectors Grafana Loki loki , query-help	2	1910	January 18, 2024
Feature request to have OR operation between Adhoc filters Elasticsearch	2	596	February 15, 2018
GRAFANA variable AD hoc filters, OR possible? Grafana	1	555	January 30, 2021
Loki - stream selector - force match on all label selectors? Grafana Loki query-help	1	501	August 18, 2023

Multiple label filters with OR?

Related topics