Trouble with Kibana Regex querys

lpnewell · May 3, 2021, 2:49pm

I'm trying to write a regex query to pick up on basic ssn and sin data in a query but any time i add a tiny bit of complexity the query can't pick up any data. I've wrote this query in things like devo and syslog(and online resources like regex101) with the correct results for our data logs but when it comes to kibana it just fails as soon as I use brackets.

Query I have been trying:

    "regexp": {
      "textmsg": {
        "value": "(ssn|sin)(\\s+|:|=)?\\d|(social|Social)(\\s+|_)?(security|Security)",
        "flags": "ALL",
        "case_insensitive": true
      }
    }
  }

lukas · May 4, 2021, 8:33pm

Does this query work when you try it in dev tools / console?

lpnewell · May 5, 2021, 1:30pm

lpnewell:

    "regexp": {
      "textmsg": {
        "value": "(ssn|sin)(\\s+|:|=)?\\d|(social|Social)(\\s+|_)?(security|Security)",
        "flags": "ALL",
        "case_insensitive": true
      }
    }

I tried your suggestion and no it does not work, I also just tried

.*(ssn|sin)(\s+|:|=)?\d|(social|Social)(\s+|_)?(security|Security).*

It returns results, but they're completely incorrect to the search query.

lpnewell · May 5, 2021, 1:31pm

I think i replied to myself. I sent a response above

system · June 2, 2021, 1:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Regular Expression doesn't work Elasticsearch	2	374	April 25, 2019
[Kibana] - Add filter using specific regex Kibana	4	4062	April 12, 2019
Regex queries dont work as expected in kibana Kibana	1	527	July 6, 2017
Regex in Kibana Search bar? Kibana	3	11866	December 17, 2020
Regex query don't work in kibana but elasticsearch run very well Kibana	7	2679	July 6, 2017

Trouble with Kibana Regex querys

Related Topics