Kibana query of reserved characters

I am using the Kibana 'filter builder' to create a search like 'uri is x'. The uri field (from Bro http logs) contains this: /auth/spGo.php?assetid=home&supportid=

When I set 'x' to one of these, the search works and finds what I expect (note lack of escaping):

When I set 'x' to one of these, the search does NOT work and finds nothing:

I would like to do search for ?, but using \? does not work either.

Bug? Newbie error? Any solutions?


What is filter builder referring to?

Sorry, by filter builder, I mean the "Add a filter +" just below the search box at the top of the "Discover" menu. I am sure there is an official name for this, but I do not know what it is. I have been looking at ELK for about a week and a half, so I have a lot to learn.

What is the process to raise this as a possible bug?

Kibana version 6.2.2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.