Hi
I'm trying to find all access log entries matching a specfic pattern - rest url. But I'm struggling
Say for example I had the following regex
\/api\/savedsearches\/[0-9a-z]{24}\/on
The following uri path would match
/api/savedsearches/5a6f390be4b01fbf020780c6/on
https://regex101.com/r/KyMX0u/1
How do I implement this as a filter in Kibana?
{
"query":
"regexp": {
"requested_uri": ".*savedsearches.*"
}
}
}As you note, you can use the regexp query as a filter in Kibana. Looking at the Standar Operators sections, the regexp you posted seems to be valid, and indeed, running it doesn't produce an error. I don't have the same data as you, so when I run this on the extension field in my data set, I get no results, but also no errors. Have you tried creating a filter with the following DSL?
{
"query":
"regexp": {
"requested_uri": "\/api\/savedsearches\/[0-9a-z]{24}\/on"
}
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.