Contribute in GitHub:
Edit online
!= (not equals) operator
Filters a record set for data that does not match a case-sensitive string.
The following table provides a comparison of the == (equals) operators:
| Operator | Description | Case-Sensitive | Example (yields true) |
|---|---|---|---|
== |
Equals | Yes | "aBc" == "aBc" |
!= |
Not equals | Yes | "abc" != "ABC" |
=~ |
Equals | No | "abc" =~ "ABC" |
!~ |
Not equals | No | "aBc" !~ "xyz" |
For further information about other operators and to determine which operator is most appropriate for your query, see datatype string operators.
Performance tips
Performance depends on the type of search and the structure of the data.
For faster results, use the case-sensitive version of an operator, for example, ==, not =~.
If you're testing for the presence of a symbol or alphanumeric word that is bound by non-alphanumeric characters at the start or end of a field, for faster results use has or in.
Syntax
T | where col != (list of scalar expressions)
Arguments
- T - The tabular input whose records are to be filtered.
- col - The column to filter.
- expression - Scalar or literal expression.
Returns
Rows in T for which the predicate is true.
Example
events
| project original_time, name
| where original_time > ago(5m)
| where name != "InvalidName"
| count
Results
| Count |
|---|
| 15000000 |