Search Substring of Log Text Field

I know this has been asked a million times, but none of the solutions seem to work. I'm trying to filter for a specific, reproducible error, to find out how long it had been going on. I have the following thus far for KQL to find logs for errors in a specific microservice:

service.name : "benefits" and level: "ERROR"

The error I'm looking for is:

System.NullReferenceException: Object reference not set to an instance of an object.
at System.IdentityModel.Tokens.JwtPayload.get_Claims()
at System.IdentityModel.Tokens.JwtSecurityToken.get_Claims()
at <obfuscated>.OwinRestService.Host.Services.TokenIdentificationService.GetIdentification(JwtSecurityToken jwt, IOwinContext context)
at <obfuscated>.OwinRestService.Host.Extensions.OwinContextExtensions.CreateContextDto(IOwinContext context, IContextIdentificationService contextIdentifierService, ILogger logger)
at <obfuscated>.OwinRestService.Host.Middlewares.RequestContextMiddleware.<Invoke>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.GetResult()
at <obfuscated>.OwinRestService.Host.Middlewares.ExceptionHandlingMiddleware.<Invoke>d__4.MoveNext()

The Kibana KQL box autosuggests a query with the full string, but using its own autosuggestion, nothing comes up. Hoping to try just a substring, I changed my query to:

service.name : "benefits" and level: "ERROR" and exception:"System.NullReferenceException"

Nothing. I've tried it without the quotes, with the :* operator, all forms of combinations, but nothing comes up. How can I query for just a substring or something unique to this error log?

Use wildcard query.

Thanks. The bare minimum requirements to match that substring look like this.

GET /filebeat-7.6.1-*/_search
{
  "query": {
    "wildcard": {
      "exception": {
        "value": "System.NullReferenceException*"
      }
    }
  }
}

However, I'm still looking into how to better filter with the other conditions that I already had in place and will report back when a more advanced example can be provided.

You can add more/other constraints to your query.
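
Added example, not part of the thread: one way to combine the wildcard clause with the two original constraints and answer the "how long has this been going on" question in a single request. The `@timestamp` field and the aggregation names (`first_seen`, `last_seen`, `per_day`) are assumptions; `match_phrase` is used for `service.name` and `level` because that is what a quoted KQL value translates to.

```console
# Added example (not from the original posts).
# Every clause sits in bool.filter, so all three must match and no
# relevance scoring is done. "size": 0 suppresses the hits themselves;
# only the aggregations are returned.
#
# Assumptions: events carry an @timestamp date field, and the agg names
# first_seen / last_seen / per_day are arbitrary labels.
#
# The wildcard is matched against whole indexed terms. The trailing *
# covers the rest of the stack trace only if "exception" is indexed as
# a single term (a keyword field), which is consistent with the
# wildcard query above returning hits.
GET /filebeat-7.6.1-*/_search
{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        { "match_phrase": { "service.name": "benefits" } },
        { "match_phrase": { "level": "ERROR" } },
        { "wildcard": { "exception": { "value": "System.NullReferenceException*" } } }
      ]
    }
  },
  "aggs": {
    "first_seen": { "min": { "field": "@timestamp" } },
    "last_seen":  { "max": { "field": "@timestamp" } },
    "per_day": {
      "date_histogram": {
        "field": "@timestamp",
        "calendar_interval": "1d"
      }
    }
  }
}
```

`first_seen` and `last_seen` bound the period during which the error was logged, and `per_day` shows whether it was continuous or came in bursts. The index pattern limits how far back the search can see, so widen it if the error may predate the Filebeat 7.6.1 indices.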
