Hi,
Is it possible in kibana to search for a substring contained within a specific field?
hi @ghouston10,
I think the answer is, it depends.
- In any place you would be using Painless, for example, in Kibana's scripted fields, you can use Regex to do substring matches on a field-value.
See here for an example: Substring in painless
- You can also do prefix-queries with lucene using the wildcard character. So in the Kibana query-bar, you could do something like
url:https*to search for all https calls. The wildcard query in lucene cannot be put at the start of a string. More info on that here: https://lucene.apache.org/core/2_9_4/queryparsersyntax.html#Terms
Hi,
Thanks for the reply. I would be performing the search using dev tools within Kibana. How would it be implemented there?
Thanks
In the console, you would just put raw ES-queries. You probably want to look at the regexp searching:
https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-regexp-query.html
Note that this only works on keyword fields, not on analyzed fields.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.