HI,
I want to search using regex pattern in kibana. i have message and i want to search specific keyword and how could i achieve it.
i tried below and its gets match everything
message:.*User_id/[0-9]+/To use regex, you have to switch from KQL to Lucene as your query language first.
Then, the regex has to be wrapped by slashes (and slashes within the query have to be escaped: message:/.*User_id\/[0-9]+\//
Can you help me on script section to create scripted field in kibana,
2020-04-08 12:18:13:153 log - Received JSON Response: UserID: 123456
need to extract userid value from above message and above message is stored in message field.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.