Easier "exclude" filters

Question

I like that you start your various filters off with "include" for things like alert queries and dashboard queries, but I'd also like to see an "exclude" that follows the include. &nbsp;There are plenty of cases where I want to see all devices in group structure such as...

Windows Servers
		
				&nbsp; Exchange

&nbsp; SQL

&nbsp; IIS

&nbsp; DHCP

&nbsp; AD

&nbsp;

Except that I don't want to see say IIS. &nbsp;So I only have two options, 1. try to ignore IIS in the results, or 2. do an include on all the sub-groups.. &nbsp;

I would love to have a query that in essence is....

Show me all windows servers, exclude IIS

Let me know if you have any questions.

We'll do a group include of "*windows*" and tried also adding&nbsp;
			"!*IIS*"&nbsp;
			"!IIS"
			and a few other combos with no luck. &nbsp;That was on the alerts view in the includes filter.

eric_singer · Answer

I'm not having any luck with Glob filters.

Also, just a suggestion. &nbsp;I get that you have a mixture of Linux / Windows admins. &nbsp;Me being a windows admin, I'm going to be a bit bias in saying that I find regex style patterns to be overly convoluted, and honestly wish you guys simplified your operating / pattern matching language. &nbsp;Certainly nothing wrong with offering regex as an option, but its&nbsp;not my go to langue for pattern matching, or its rather a language of last resort that I use.

For example:

I have a group structure that looks like this

Windows Servers\
	&nbsp; Exchange
	&nbsp; SQL
	&nbsp; IIS
	&nbsp; DHCP
	&nbsp; AD

Cisco\
	&nbsp;ESA
	WSA
	Switch
	FW

I want to show all devices in the Windows server, except IIS and I want to show only ESA in Cisco. &nbsp;Doing something akin to....

Select * from groups where (name like *windows* and not like *IIS*) or (name like *ESA*) &nbsp;

That's simple SQL language, and IMO far easier to read / understand. &nbsp;Even if it's not SQL based language, I think working on more friendly (readable) language would be a huge benefit. &nbsp;Even something more simplistic like&nbsp;

(like *windows* and notlike *IIS*) or (like *ESA*). &nbsp;

Maybe even take it a step further and offer multiple query languages that we can pick from. &nbsp;Sometime regex IS the only language that can get it done. &nbsp;And while I realize regex more often than not can do what SQL cannot, 99% of the examples I'm showing, don't require the complexity of regex.

sarah_terry · Answer

Hi Eric - thanks for the feedback! &nbsp;For your examples:

1. Windows Servers/!(IIS*) would include everything in the&nbsp;Windows Server subgroups , except for the IIS subgroup &amp; all subgroups under IIS

2. Cisco/ESA* would include devices in the ESA group and all subgroups

You can&nbsp;combine these into one expression using the | character, like this: (Windows Servers/!(IIS*))|(Cisco/ESA*)

Let me know if this doesn't work for you

eric_singer · Answer

On 4/15/2016 at 10:08 AM, Sarah Terry said:

Hi Eric - thanks for the feedback! &nbsp;For your examples:

1. Windows Servers/!(IIS*) would include everything in the&nbsp;Windows Server subgroups , except for the IIS subgroup &amp; all subgroups under IIS

2. Cisco/ESA* would include devices in the ESA group and all subgroups

You can&nbsp;combine these into one expression using the | character, like this: (Windows Servers/!(IIS*))|(Cisco/ESA*)

Let me know if this doesn't work for you

&nbsp;

Sorry, but that syntax isn't working for me. &nbsp;And maybe its due to my group structure being more complex.

LocalLocation\Windows\Domains\DomainNAME\Exchange
	LocalLocation\Windows\Domains\DomainNAME\IIS
	DRLocation\Windows\Domains\DomainNAME\Exchange
	DRLocation\Windows\Domains\DomainNAME\IIS

Is a more realistic example. &nbsp;I of course modified your query a beginning wildcard to account for the parent group, as in I did&nbsp;(*Windows*!(*IIS*)). &nbsp;I don't see anything wrong with my query, but it returns back devices that are in the "IIS" group as well as other devices that I want.

I still contend that "(Like *Windows* and not like *IIS*) or (like *EAS*)" would be far easier to read and write.

sarah_terry · Answer

The syntax for that group structure would be *Windows/!(IIS) - using * before ! is negating the exclude in your query. &nbsp;&nbsp;We'll look into making these expressions easier to construct.&nbsp;

eric_singer · Answer

2 minutes ago, Sarah Terry said:

The syntax for that group structure would be *Windows/!(IIS) - using * before ! is negating the exclude in your query. &nbsp;&nbsp;We'll look into making these expressions easier to construct.&nbsp;

That nor&nbsp; *Windows!(IIS)&nbsp; appears to be working either. &nbsp;To be clear I'm doing this in a dashbaord alerts widget incase that matters

Forum Discussion

Easier "exclude" filters

8 Replies

Related Content

Resource Property Filters on the New UI Preview

string filters in the API (groovy)

Issues with new dynamic filtering feature of UIv4 Dashboards

Making OpenMetrics Easier

Can custom properties be used as widget filters or labels?

Recent Discussions

Dashboard Sharing – An Inline Framing Method

2021-12-15 US Office Hours

Live Training - Tuning Datapoints and Alerts - 15th JUNE 2022 - APAC

Live Training - Introduction to Dashboards - 18th MAY 2022 - APAC

2022-05-11- APAC Product Overview -Collectors, Resources/Groups, Dashboards