I would like to get the data with Android version.
ua: shows like this
Mozilla/5.0 (Linux; Android 7.0; HUAWEI CAN-L12 Build/HUAWEICAN-L12; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/65.0.3325.109 Mobile Safari/537.36
and i search it like this:
ua:Android 7 -> only Android match
ua:'Android 7' -> only Android match
ua:"Android 7" -> no match
ua:'Android 7'* -> Android or 7.X match (ex. it includes Android 5.1.1)
how can i get the data only Android 7 version's data (like Android 7.0, Android 7.1.1, and so forth)?
Hey @tarosuzuki, it really depends on how you've indexed your data for how we can best write a query like this. When you index a string into Elasticsearch, it's indexed as either "text" and/or a "keyword".
When the data is indexed as "text" it is run through an analyzer and split into terms which you can then search using full text search constructs. If you're using the standard analyzer, this is going to split a user-agent like "Mozilla/5.0 (Linux; Android 7.0; HUAWEI CAN-L12 Build/HUAWEICAN-L12; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/65.0.3325.109 Mobile Safari/537.36" into a bunch of separate terms, and it's going to make searching for "Android 7.x" really challenging because a lot of analyzers don't know how to parse user-agents intelligently.
If you're unable to reindex your data in a more structured manner, you can use a query similar to the following with a regex, but it's rather slow: ua.keyword:/.*Android 7\..*/
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.