I am using the Kibana 'filter builder' to create a search like 'uri is x'. The uri field (from Bro http logs) contains this: /auth/spGo.php?assetid=home&supportid=
When I set 'x' to one of these, the search works and finds what I expect (note lack of escaping):
When I set 'x' to one of these, the search does NOT work and finds nothing:
I would like to do search for ?, but using \? does not work either.
Bug? Newbie error? Any solutions?