Regex not working

gongzt · April 6, 2017, 1:59pm

We are trying to match following content using regex query:
SRVE0293E: [Servlet Error]-[action]: java.lang.NullPointerException
Where SRVE0293E, Servlet Error, java.lang.NullPointerException are the keywords.

We tried a lot of different patterns but still not able to get a correct one, here is one of the queries we have tried:
{
"query": {
"filtered": {
"query": {
"bool": {
"must": [
{
"query_string": {
"default_field": "fields.subType",
"query": "ewpCore"
}
},
{
"regexp": {
"message": ".*srve0293e.*nullpointerexception"
}
}
]
}
}
}
}
}

Please kindly help to get the correct regex, thanks in advance!

dadoonet · April 6, 2017, 2:42pm

Don't analyze the String if you really want to use regex.

system · May 4, 2017, 2:42pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.