Kibana full text search

Ajay_Singh_Chouhan · May 25, 2016, 11:09am

Hi I have recently ingested apache logs to ES through logstash and I am analyzing them through Kibana . Few of the log lines contains the phrase- java.lang.outofmemory.....but when I search for the word "memory" in the kibana search bar it doesn't show up the document containing above phrase.
but when I search for "java.lang.outofmemory" it comes up.
I am below ELK versions-
ES : 2.3.0
Logstash:2.2.0
Kibana:4.5.0

looks like the default analyzer considering the whole phrase java.lang.outofmemory as one term rather than splitting it up into java,lang,outofmemory
Do need to change the standard analyzer to english analyzer?
Please help
Thanks

tylersmalley · May 25, 2016, 10:51pm

You will need to make sure that it's an analyzed field and the tokenizer/tokenfilter makes sense for how you want to query the information. You can read about that here: https://www.elastic.co/guide/en/elasticsearch/guide/current/full-text-search.html and https://www.elastic.co/guide/en/elasticsearch/reference/2.3/analysis.html

The english analyzer might not work since the words are not split up by whitespace or punctation.

You can use the settings API to view the analyzed fields: https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-settings.html

Ajay_Singh_Chouhan · May 31, 2016, 7:07am

Thank you

Topic		Replies	Views
White space analyzer Elasticsearch	5	575	July 5, 2017
I am not able to find a word which is seprated by (.) Kibana	19	924	October 16, 2017
String to full text data table KIBANA Kibana	5	2518	August 31, 2018
Analyzed string can use a lot of memory to visualize Kibana	4	1240	July 6, 2017
Elasticsearch:java.lang.OutOfMemoryError: Java heap space Elasticsearch	9	12888	October 23, 2017

Kibana full text search

Related topics