Hello community, i want to know if any of you have knowledge of ES|QL
Im trying to do some viwes for a dashboard and i think this new feature can help but i was unable to do so.
this is an example of the data
but as soon i want to search something it just doesn´t work, so its kind of useless
any help will be very useful
could you try with:
from snmp*
| where tags like "snm*"
?
Added esql and removed kql-kibana-query-language
no luck, i gave up with ES|QL I think its too new and its not working yet, will wait for the next releases.
@Gaston_Beltramelli cc @dadoonet
Please share a document or two...
Tags is an array so that needs to be considered...
There are 2 basic approaches to searching / matching on Arrays
Use MV_EXPAND which will create a new row for each tag value and then a simple where tags like "snm*" will work
Use MV_CONCAT to concatenate all the tags into a single new string then use the wildcard match
ESQL is GA and works well, could this use case be easier yes, are more functions being added yes...
Hope this helps
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.