Can i use regex while doing DQL queries?
353 views
Skip to first unread message
Daniel D'Angeli
Jun 17, 2024, 3:49:12 AM6/17/24
to Wazuh | Mailing List
Hi,
i am trying to identify wether or not from the gathered events, primary account numbers (PAN) are present.
Can i use the discover page and input the regex into the search query?
Regards,
Daniel D.
Manuel Jose Cano Rojo
Jun 17, 2024, 5:58:00 AM6/17/24
to Wazuh | Mailing List
Hello Daniel,
Regarding the official documentation from OpenSearch DQL, there is no native support for regex. Despite this, you can use wildcard, boolean operators, and ranges operators that may help you retrieve the information you are trying to get.
You can find some examples in the Wazuh documentation.
Regarding the official documentation from OpenSearch DQL, there is no native support for regex. Despite this, you can use wildcard, boolean operators, and ranges operators that may help you retrieve the information you are trying to get.
You can find some examples in the Wazuh documentation.
Let me know if it helps!
Reply all
Reply to author
Forward
0 new messages