FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Filtering (matchesPhrase or contains) in DQL Query API

Melvs
Newcomer

‎12 Oct 2023 10:28 AM - edited ‎12 Oct 2023 10:35 AM

Hi All,

I'm trying to consume a specific data from the logs content, I am using a filter matchesPhrase or contains but both function is not returning any records through DQL Query API on swagger ui, when I removed those specific filters it return some records, but it does also work via Logs and Events or the Notebooks. I'm not sure if those filtering is not allowed on API. Below is the query that I've been using:

fetch logs , from:now() - 1d | fields DateTime = formatTimestamp(timestamp, format:\"MM-dd-YYYY\"),k8s.container.name,k8s.namespace.name,timestamp,content,ErrorClass=\"Configurator Error\" | filter (matchesValue(k8s.namespace.name, \"p1-extensions\") or matchesValue(k8s.namespace.name, \"p1\")) and matchesPhrase(content, \"Configurator Error\") | sort timestamp desc | summarize count(), alias: Total

Labels:
image.png
5 KB
0 Kudos
Reply
0 REPLIES 0
Ask a question

Featured Posts