In a webinar - Elastic Common Schema for Cyber Threat Hunting, I see @mikepaq using wildcards in fields within Kibana.
When I try this within my setup (6.2), I get shard errors, with no results found.
Thanks for your feedback.
Hi Olatunde, this wildcard search was performed with query features that were changed after 6.2, and was operating on ECS-formatted data from 7.x that includes several fields that end with .ip
Please see https://www.elastic.co/blog/improving-kibanas-query-language for some additional context.
Thank you.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.