Search for a substring within a specific field

ghouston10 · February 7, 2018, 12:25pm

Hi,

Is it possible in kibana to search for a substring contained within a specific field?

thomasneirynck · February 7, 2018, 7:33pm

I think the answer is, it depends.

In any place you would be using Painless, for example, in Kibana's scripted fields, you can use Regex to do substring matches on a field-value.

See here for an example: Substring in painless

You can also do prefix-queries with lucene using the wildcard character. So in the Kibana query-bar, you could do something like url:https* to search for all https calls. The wildcard query in lucene cannot be put at the start of a string. More info on that here: https://lucene.apache.org/core/2_9_4/queryparsersyntax.html#Terms

ghouston10 · February 8, 2018, 8:53am

Hi,

Thanks for the reply. I would be performing the search using dev tools within Kibana. How would it be implemented there?

Thanks

thomasneirynck · February 8, 2018, 1:58pm

In the console, you would just put raw ES-queries. You probably want to look at the regexp searching:

Note that this only works on keyword fields, not on analyzed fields.

system · March 8, 2018, 1:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Search for a string within a specific field Kibana	2	4352	March 7, 2018
While searching in kibana, can i use substring on a field? Kibana	2	619	December 14, 2018
Is possible Exact match substring in kibana? Kibana	5	9032	October 25, 2019
Substring search in Kibana 4 search bar Kibana	12	72964	July 6, 2017
Writing a regex to find substring in kibana discover search bar Kibana	2	1104	May 19, 2020