Reputation: 3128
What is the difference between the `!has` and `!has_cs` string operators in KQL?
What is the difference between the !has and !has_cs string operators in KQL?
There is the documentation. It says that both the "North America" !has "amer" and the "North America" !has_cs "amer" will return true.
If the !has would not have been case sensitive I would expect the "North America" !has "amer" to return false, since America contains the amer if we ignore the casing. But it returns true. Hence, I conclude that the !has is case sensitive and behaves exactly the same as the !has_cs. Is it really the case or am I missing something here?
Upvotes: 0
Views: 297
Answers (1)
Reputation: 44981
has_cs is case sensitive.
has is case-insensitive.
Both of your conditions return true since has looks for a whole term.
A term is a sequence of alpha-numeric ASCII characters (see What is a term?)
In your example amer is just a (case-insensitive) piece (the prefix) of the whole term, which is America, therefore has returns false.
Upvotes: 1
Related Questions
- SQL - HAVING vs. WHERE
- Whas is the difference between the `has` and `contains` operators in KQL?
- "Exists" clause in KQL
- SQL Server Differences? With Contains
- Kusto Query Contains Operator Does Not Work With Escape Characters
- Kusto !has_any | where value does not contain any value in set
- Kusto Query Language: Get keyword that was matched (has_any)
- What is the difference between HAVING and WHERE in SQL?
- Why do these two queries with 'EXISTS' behave differently?
- Has SQL something like WHERE or HAVING ONLY?