Continuing the discussion from How to escape field values for elasticsearch filter query?:
Sorry for disappearing on my previous question, I had to drop my work for a while. I do not understand the reply @magnusbaeck gave. What command line option is being referred to there? I don't see anything in the documentation or --help output that looks relevant.
To recap the important stuff here, I'm using this query:
query => "usernames.keyword:%{[userid]}@%{[domain]}"
and sometimes the userid field value is something like "n/a", and I get a lexical error because of the / character. The event is coming from the jdbc_input plugin.