I'm trying to find documents where the host.os.platform field has some words similar to host.os.name for example I want to use Kibana discover either Lucene or KQL for that.
This is what I came up with :
host.os.platform:*host.os.name*
This query uses a wildcard character * to match any characters before or after the value of host.os.name . So if host.os.name is "Rocky Linux", this query will match documents where host.os.platform contains any words that include "Rocky", such as "rocky", "rockylinux", "rocky-8", etc.
I m not getting results can any one may be advise on what I m doing wrong here.
update some thing what I came up with may it will help some one
host.name: *linux* and host.os.type: linux