Using wildcards and boolean operators for keyword fields with whitespaces

Elastic Stack Elasticsearch
1

Is it possible to write a single elasticsearch query to search for keyword fields with whitespaces, wildcards and boolean operators?
For my usecase I would like to use the query_string, because i will use it as an userinterface and the query will be defined by the user.

Reproduce:

For example if my dataset consist of "Hello World", "Wrong Field", "Failed" and I try to get only "Hello World".

curl -XPUT 'localhost:9200/example_index?pretty' -H 'Content-Type: application/json'
curl -XPOST 'localhost:9200/example_index/_bulk?pretty' -H 'Content-Type: application/json' -d'
{ "index": { "_index": "example_index", "_type": "test-data" } }
{ "@timestamp": "2017-05-01T10:00:00.000Z", "text": "Hello World" }
{ "index": { "_index": "example_index", "_type": "test-data" } }
{ "@timestamp": "2017-05-01T10:00:00.000Z", "text": "Wrong Field" }
{ "index": { "_index": "example_index", "_type": "test-data" } }
{ "@timestamp": "2017-05-01T10:00:00.000Z", "text": "Failed" }
'

For this query I get the "Wrong Field", but I expect "Hello World".

curl -XGET 'localhost:9200/example_index/_search?pretty' -H 'Content-Type: application/json' -d'                                                                                             
{
  "query": {
    "query_string": {
      "query": "text.keyword:(Hello W*) AND text.keyword:(*d)"
    }
  }
}
'
2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.