Filter not working

hello internet!

can someone point out why the below filter which look for an IP is not working

  if [answers] =~ "127\.0\.0\.1" {
    mutate {
      add_tag => [ "non-routable" ]
    }
  }
  if [answers] {
    mutate {
      add_tag => [ "active" ]
    }
  }

the field in the elasticsearch document for reference;

  "answers": [
     "127.0.0.1"
  ],

if also tried using == "127.0.0.1" which also doesnt seem to match

This would be the correct regexp match syntax:

if [answers] =~ /127\.0\.0\.1/ {

But that's a sloppy regexp that doesn't anchor the beginning and end of the string, so this is better:

if [answers] =~ /^127\.0\.0\.1$/ {

And why use a regexp match when it's a plain string match you're after?

if [answers] == "127.0.0.1" {

And finally, since it's an array you're matching against what you really want to use is this:

if "127.0.0.1" in [answers] {