Hi,
How can i parse a message field wich contain slashes ?
I'm trying with query regexp, but without result.
Thanks all
can you please add sample document and sample query you are trying ?
hi,
the field is something like file.path:"use/share/domain/log/monappli/results.log"
in fact, i'm trying to select all enregistrements whith file.path beginning with "use/share/"
My sample query put in a filter of a search :
{
"query": {
"regex": {
"file.path": "\\/use\\/share\\/*)(?:[a-z0-9_-]"
}
}
}
Kibana version = 7.8.1
You can use match_phrase_prefix query of Elasticsearch.
{
"query": {
"match_phrase_prefix": {
"file.path": "use/share"
}
}
}
thanks, but it doesn't work with the keyword's type ! 
Another idea ?...
You can use prefix query like below:
{
"query": {
"prefix": {
"file.path.keyword": {
"value": "use/share"
}
}
}
}
Yep !
in my case, i had to encode the field "file.path" (and not "file.path.keyword"). Strange !...
{
"query": {
"prefix": {
"file.path": {
"value": "/use/share"
}
}
}
}
Another solution, for fun, to just search for a part of text in a value :
{
"query": {
"wildcard": {
"file.path": {
"value": "*/share/*"
}
}
}
}
The 2 solutions are goods 
Thanks a lot Sagar !
Because when i was trying on my system, i have created multi-field means file.path as text and keyword both. so when need to access as keyword i need to use file.path.keyword. as per my understanding in your implementation it is define as keyword only so you can directly access as file.path.