When using KQL expressions such as *keyword*, no results are displayed if the text field contains an slash ('/') and the "keyword" is located afterwards the slash. For example with the following text field value:
Process '848' hidden from /proc. Possible kernel level rootkit.
With the query *hidden* it works, but with *rootkit* no results are displayed .
Is that the intended behaviour?
ELK 7.2.0
This shouldn't happen. Could you open an issue in the Kibana repo, please?
Done!
https://github.com/elastic/kibana/issues/41436
Thank You!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.