Query_string using special character work and dont work without escaping

eladonline · January 24, 2023, 8:17am

Hey,
what is the diferent that the first works and the others does not?

GET /forensics/_search
{

  "query": {
   "query_string": {
     "fields": ["referer"],
     "query": "http://10.26.30.206*"
     // but these doesnt
    // "http://10.26.30.206:*" or "http://10.26.30.206:31006/"
   }
  }
}

another thing
this works in the devTools but not from the js Api

GET /forensics/_search
{

  "query": {
   "query_string": {
     "fields": ["referer"],
     "query": "http\\:\\/\\/10.26.30.206\\:31006\\/"
   }
  }
}

and here is the api payload

 {
  "query": {
    "query_string": {
      "fields": [
        "referer"
      ],
      "query": "(\"http\\\\:\\\\/\\\\/10.26.30.206\\\\:31006\\\\*\") AND @timestamp:[2023-01-24T08:41:36.198Z TO 2023-01-24T08:56:36.198Z]"
    }
  },
  "sort": [
    {
      "@timestamp": {
        "order": "desc",
        "format": "strict_date_optional_time_nanos"
      }
    }
  ]
}

system · February 21, 2023, 8:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
ElasticSearch escape special character Elasticsearch	4	2511	July 12, 2021
Query_string query with asterisk and escaped char not working Elasticsearch	3	706	September 27, 2022
Elasticsearch Query String Query \| Escaping double quotes Elasticsearch	3	3561	April 24, 2019
How to escape forward slashes in a query_string query? Elasticsearch	1	1392	February 20, 2019
Query_string queries and special characters Elasticsearch	2	4210	July 6, 2017

Query_string using special character work and dont work without escaping

Related topics