Trouble with Kibana Regex querys

lpnewell · May 3, 2021, 2:49pm

I'm trying to write a regex query to pick up on basic ssn and sin data in a query but any time i add a tiny bit of complexity the query can't pick up any data. I've wrote this query in things like devo and syslog(and online resources like regex101) with the correct results for our data logs but when it comes to kibana it just fails as soon as I use brackets.

Query I have been trying:

    "regexp": {
      "textmsg": {
        "value": "(ssn|sin)(\\s+|:|=)?\\d|(social|Social)(\\s+|_)?(security|Security)",
        "flags": "ALL",
        "case_insensitive": true
      }
    }
  }

lukas · May 4, 2021, 8:33pm

Does this query work when you try it in dev tools / console?

lpnewell · May 5, 2021, 1:30pm

lpnewell:

    "regexp": {
      "textmsg": {
        "value": "(ssn|sin)(\\s+|:|=)?\\d|(social|Social)(\\s+|_)?(security|Security)",
        "flags": "ALL",
        "case_insensitive": true
      }
    }

I tried your suggestion and no it does not work, I also just tried

.*(ssn|sin)(\s+|:|=)?\d|(social|Social)(\s+|_)?(security|Security).*

It returns results, but they're completely incorrect to the search query.

lpnewell · May 5, 2021, 1:31pm

I think i replied to myself. I sent a response above

system · June 2, 2021, 1:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Regex queries don't appear to work at all in kibana Kibana	3	1423	January 27, 2017
Regex queries don't work in Kibana Kibana	3	750	August 8, 2019
Issues with Regex in Kibana Kibana	3	1498	February 28, 2019
Kibana Search - Regex Kibana	2	931	August 6, 2018
Regular Expression doesn't work Elasticsearch	2	376	April 25, 2019

Trouble with Kibana Regex querys

Related topics