Why is regex filter not working?

jchen2000 · October 24, 2015, 5:23am

Hi All,

I have the following case with multifields, but regex keeps failing on the raw field, but succeeds on the analyzed one. Any pointer when this is the case?

Thanks,
Fang

POST /test-whois-db/_mapping/whois
{
"properties": {
"f": {
"type": "string",
"fields": {
"raw": {
"type": "string",
"index": "not_analyzed"
}
}
}
}
}
POST /test-whois-db/whois
{
"f": "DOMAINCONTROL"
}

POST /test-whois*/_search
{
"fields": [
"f.raw"
],
"query": {
"filtered": {
"filter": {
"query": {
"query_string": {
"query": "f.raw:/DOMAIN.*/"
}
}
}
}
}
}

dadoonet · October 24, 2015, 5:40am

Regex query are not analyzed.
If you run It against an analyzed field, remember that this one has probably been lowercased.

So lowercase your regex pattern.

jchen2000 · October 24, 2015, 6:43pm

there was an error in my statement. It actually succeeded in the "analyzed" field (non-raw).
I tried several times, it seems like it fails because the original text is upper case (in raw field), while my query filter would always be lowercased after query parsing.

Any idea how to resolve this issue?

dadoonet · October 24, 2015, 7:03pm

I'd try to avoid regex queries. Like wildcard they can be slow.
May be try to apply regex at index time.

But that might depends on your use case.

Topic		Replies	Views
Regular expressions and non-analyzed fields Elasticsearch	1	1590	July 5, 2017
Regex search not working Kibana	4	2142	July 6, 2017
Regex is not working Elasticsearch	4	4692	July 6, 2017
How to get the case insensitive results from a regex query Elasticsearch	4	6390	July 5, 2017
Is it possible to add a Space in Regex - Elasticsearch 1.7? Elasticsearch	8	3365	July 5, 2017

Why is regex filter not working?

Thanks, Fang

Related topics

Thanks,
Fang