Is wildcard queries not supporting in kibana discovery search ? want to search the all pods/container names in particular namespace

Luca_Belluccini · April 7, 2020, 8:43am

If you're using KQL, you should be able to search:

kubernetes.namespace_name.keyword : dev and kubernetes.pod_name.keyword : dev-web*

If you're using Lucene search, you should be able to use:

kubernetes.namespace_name.keyword:dev AND kubernetes.pod_name.keyword:dev-web*

From the field names, I can see you are not using the Index Templates provided with Filebeat to ingest Kubernetes logs.

This is an example on our demo data

Topic		Replies	Views
Can't find data when doing simple KQL query ( can see the log in general search) Kibana	4	2194	February 1, 2021
Busqueda con error en Discoverc Kibana discover	4	299	November 15, 2023
KQL Query with wildcard and space not working (with wildcard type) Kibana kql-kibana-query-language	4	3940	April 19, 2021
Strange problem finding any documents/logs, other than from a specific container (Kubernetes) Kibana	2	689	October 28, 2020
Wildcard search problem Kibana	2	2313	July 6, 2017