Use multiple wildcards DSL Query

lutundula_jeanchris · April 20, 2018, 9:17am

Hello everyone , I just started using "DSL query" on my ELK platform and i want to make a DSL request that can use wildcard to perform matching search . my request will find all the mail_domain (term) that end with "mail.com" , "test.com" , "email.com" basically a list of domains , and dsplay them .

Here's my resquest

{
"query": {
"wildcard": {
"mail_domain.keyword": ["*mail.com" , "*email.com" , "*test.com"]
}
}
}

it seems like wilcard can't take an array of a term values . Do you have any idea how can i do it ?

Thanks

ppisljar · April 20, 2018, 1:19pm

This looks like a really bad idea. Elasticsearch will need to go thru every document to find those matches. To do this right you will need to index your data appropriately. Maybe add a domain field (with mail.com, email.com, ... values), or even a simple boolean field isMyMatchedEmailDomain

you could also use https://www.elastic.co/guide/en/elasticsearch/reference/6.2/analysis-reverse-tokenfilter.html to optimize your index for prefix wildcard searches

lutundula_jeanchris · April 23, 2018, 12:52pm

Thanks man

Topic		Replies	Views
Filtering for wildcard domains Elasticsearch	4	798	September 8, 2021
Wildcards in field paths within a query Elasticsearch	3	1814	July 6, 2017
Searching emails by domain Elasticsearch	4	4701	January 17, 2017
Multi_match with Wildcard? Elasticsearch	2	9617	September 14, 2018
Elastic simple query with wildcard Elasticsearch	2	342	July 19, 2021

Use multiple wildcards DSL Query

Related topics