I'm trying to write a SWQL query that allows me to filter certain messages coming from our UPS systems, and can't get it working.
You can see we are capturing messages shown WITHOUT a filter applied,
followed by verifying an example of an actual 'Hostname' resolution, and Syslog 'Message' column of node category I want to filter on, whose message field includes keyword 'UPS'
Now, seeing the EOC SWQL query parameters,
I attempted and failed to filter using a
1.) Node like '%ups%'
2.) Node.Caption like '%ups%', and a
3.) SysLog like '%UPS%'
is EOC v1.6.2 not capable of filtering or am I fat fingering something in my SWQL syntax? I read a very old thread it wasn't possible, but that article was like 8 years ago