Hello. I have over a trillion documents that are similar to the following:
{
"ip": "192.168.1.1",
"mac_address": "00:0a:95:9d:68:16",
"email_address": "somebody@domain.com",
"url": "some.domain.com/with/some/path?and_options=true",
"phone": "111-111-1111",
"count": 9000,
"message": "A really interesting messaging containing a lot of text"
}
I am going to want to query my data using any one of these fields. I will also want to be able to write queries where I can find out if any field contains, starts with, or ends with the term searched on.
I am looking for suggestions on what mapping, analyzers, normalizers, and tokenizers I should use.
Thanks!