I have ELK setup and indexing logs from our servers. We see a strange
behavior while we try to search from Kibana. For example
field: *.value.v1
results in no results when field value is like: xyz.value.v1 But when we do
query as
field: *value.v1
we get the results. So the "." after * creates the issues. But if the field
value is xyz-zz.value.v1 then query
field: *.value.v1
give the result. So We think it seems to be related to tokenizer and
analyzer. We are using default settings from Elasticsearch and the field is
mapped as string. So any help or suggestion in changing the analyzer
settings in mapping or any idea in solving this issue will be helpful.
We are using Elasticsearch 1.3.6 and Kibana 3.1
Regards,
Em
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/ad331688-a7d7-466c-8369-727d1f09e3e2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.