Hi Team,
Regular expression to search all the documents with following URL ( have shown 3 docs here)
@fields.requested_uri: "/services/chinesedrugcontent/drugTopics/3492/json"
@fields.requested_uri: "/services/chinesedrugcontent/drugTopics/434/json"
@fields.requested_uri: "/services/chinesedrugcontent/drugTopics/3393422/json"
Search Queries
Qeury 1: Using double quotes ""
@fields.requested_uri: "/services/chinesedrugcontent/drugTopics/3492/json"
Return: All the documents consisting of exact URL as mentioned in the query
Query 2: Using forward slash //
@fields.requested_uri: /services/chinesedrugcontent/drugTopics/3492/json/
Return: All the documents consisting of terms mentioned in the query like services, chinesedrugcontent etc
Query 3: RegEx
Form 1: Using ""
@fields.requested_uri: "/services/chinesedrugcontent/drugTopics/[0-9]+/json"
Form 2: Using //
@fields.requested_uri: /services/chinesedrugcontent/drugTopics/[0-9]+/json/
@fields.requested_uri: /services/chinesedrugcontent/drugTopics//[0-9]+//json/
Returns: Nothing , none of the above 3 queries works
How to use regex in Kibana? Details given is the following page is not working for some reasons
https://www.elastic.co/guide/en/elasticsearch/reference/current/regexp-syntax.html
As per above link, To use reserved keywords as literally, escape it with a preceding backslash or surround it with double quotes. For example:
@ # renders as a literal '@'
\ # renders as a literal ''
"john@smith.com" # renders as 'john@smith.com'