We are using ELK for log processing. But unable to do free text search in Kibana. I wanted to search for a text "future" (Which I copy pasted from the document which appeared in the Discover tab) but Kibana showed "No results found" page. Not sure if I am missing anything. My Lucene query works though. Any insights on this is appreciated.
Ideally it should work just fine. Are you sure its not the field name that you're copying instead of the field value?
Other issue can be that the mapping for the given field is set to not_analyzed which would prevent any tokenization by Elasticsearch and hence preventing free text search.
Thanks Varun. Yes I am not copying the field name for search and 'analyzed' is enabled for most of the fields. It is working on my local one node system (docker). But not sure what is messing up at production where we have it on cluster exposed behind load balancer.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.