Diogo Uchoas Correa
Reputation: 23
Kibana 4: Can't do wildcard query with dot in field value
I have a analyzed field hostname and a not_analyzed field hostname.raw.
I'm trying to query a few hosts that have a dot in the field value, like
AP.MO.HALL-01 AP.MO.2FLOOR-01
When I try to query hostname:AP.MO.*, it also returns hosts with the value AP.MOOCA.HALL
When I try to query using the field that isn't analyzed, I get no results at all: hostname.raw:AP.MO.*
How can I make Kibana respect the dot before the wildcard?
Upvotes: 2
Views: 4418
Answers (1)
Simon Guest
Reputation: 2162
I was able to get a similar issue resolved by using a RegEx query, and escaping the periods within the hostname.
Looking at your example, something similar to the following should work:
hostname: /.*AP\.MO\..*/
Upvotes: 6
Related Questions
- Why does elastic search wildcard query return no results?
- Wildcard search doesn't work in Kibana
- Can't get wild card query to work on multiple fields in elasticsearch
- elasticsearch wild card query not working
- Elastic Search wildcard query not working with case insensitive ( for lower case)
- Lucene wildcard search
- Elasticsearch query with wildcards
- Search for a string that start with a wildcard in ElasticSearch
- Elasticsearch search fails in field with special character and wildcard
- Elasticsearch: Wildcard query returns error