Hello,
I can have message like this
Some object id=3 created by user=123
What is the best way to get tokens
id=3, user=123
after analysis?
I think about splitting with standard delimiters (with Tokenizer) excluding "=" and filtering (with Token Filters) everything that doesn't contain it.
But maybe there is another better way.
And if not, can I exclude everything that not contain "=" without regular expressions?
An alternative approach might be to split this data at indexing time in separate fields, so that you can actually query it as well as easily access it.
Take a look at the node ingest feature and specificially the grok processor
hope this helps!
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.