Skip to content

Group by field: search of existing field should be case sensitive #169

New issue
New issue
Open
Open
Group by field: search of existing field should be case sensitive#169
@frantz45

Description

@frantz45
frantz45
opened on Dec 5, 2025

For some rule types (like Group/Distinct, AND, THEN, OR) you can choose one or multiple fields for the Group by Condition.
When you begin to type the name of the field, a list of existing fields is shown.
However it's case insensitive. It should be case sensitive because field names are case sensitive.

Issue:

  • You want to group by field "user"
  • This field is not known by Graylog (no log with this field has been received yet)
  • Graylog only knows the field "User" (with a uppercase "U")
  • If you type "user" in the group by condition, it only shows "User" and you can't choose Create "xxx" (as you can when the field is unknown)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions