The source field has the values "/var/access.log" and "/var/access.log - 20180820". I want to search only for source field values that match "/var/access.log". How do I write the Discover query? Please guide me.
It depends on how your field is mapped. If you're using Elasticsearch's default mappings for a string field you probably have a fieldName.keyword field. You can query against this field to do exact matches since no analysis is performed against keyword fields. e.g. fieldName.keyword:/var/access.log
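Why the keyword sub-field gives an exact match, as an added example that is not part of the original thread: a simplified Python model of an analyzed text field next to its keyword sub-field, run over the two values from the question. The analyze() function is only a rough stand-in for Elasticsearch's standard analyzer, and every function name here is hypothetical.

```python
import re

# Constructed sample documents: the two source values from the question.
DOCS = ["/var/access.log", "/var/access.log - 20180820"]


def analyze(text):
    """Rough stand-in for the standard analyzer (an assumption, not the
    real implementation): lowercase, split on anything that is not a
    letter or digit, but keep a dot that sits between two word characters
    so "access.log" stays a single token."""
    return re.findall(r"[a-z0-9]+(?:\.[a-z0-9]+)*", text.lower())


def text_field_phrase_match(query, value):
    """Phrase match on an analyzed text field: the query's tokens must
    appear consecutively among the value's tokens."""
    q, v = analyze(query), analyze(value)
    return any(v[i:i + len(q)] == q for i in range(len(v) - len(q) + 1))


def keyword_field_match(query, value):
    """Term match on a keyword sub-field: the whole value is indexed as
    one unanalyzed term, so only exact string equality matches."""
    return query == value


def search(query, matcher):
    """Return the sample documents that the given matcher accepts."""
    return [doc for doc in DOCS if matcher(query, doc)]


if __name__ == "__main__":
    q = "/var/access.log"
    # The analyzed field matches both values because both contain the
    # consecutive tokens "var", "access.log".
    print("text field   :", search(q, text_field_phrase_match))
    # The keyword field matches only the value that is exactly equal.
    print("keyword field:", search(q, keyword_field_match))
```
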
Thanks. It's working fine...