The Kibana Query Language (KQL) _ example

https://www.elastic.co/guide/en/kibana/7.13/kuery-query.html

Wildcard queries

Wildcard queries can be used to search by a term prefix or to search multiple fields. By default, Kibana prevents leading wildcards for performance reasons, but they can be allowed with an advanced setting.

To match documents where machine.os starts with win, such as "windows 7" and "windows 10":

machine.os:win*

To match multiple fields:

machine.os*:windows 10

This syntax is handy when you have text and keyword versions of a field. The query checks machine.os and machine.os.keyword for the term windows 10.
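The following is an added example, not part of the original post and not Kibana's own code: a small pre-flight check for a single `field:value` clause that flags a leading wildcard in the value and lists which fields a field-name wildcard would expand to. The field list, `check_clause` and its parameters are hypothetical, and the parsing is deliberately simplified (no boolean operators, quoting or nested fields).

```python
import re

# Constructed field list standing in for an index pattern's fields (assumption).
SAMPLE_FIELDS = [
    "machine.os",
    "machine.os.keyword",
    "machine.os_version",
    "machine.ram",
]


def _glob_to_regex(pattern):
    """Compile a pattern in which '*' is the only wildcard character."""
    parts = (re.escape(p) for p in pattern.split("*"))
    return re.compile("^" + ".*".join(parts) + "$")


def check_clause(clause, known_fields, allow_leading_wildcards=False):
    """Lint one `field:value` clause and report what it would touch.

    allow_leading_wildcards models the Kibana advanced setting
    query:allowLeadingWildcards, with the leading wildcard blocked as the
    text above describes.
    """
    field, sep, value = clause.partition(":")
    if not sep:
        raise ValueError("expected a clause of the form field:value")
    field, value = field.strip(), value.strip()

    findings = []
    # A bare '*' value is an existence check, not a leading-wildcard search.
    if value.startswith("*") and value != "*" and not allow_leading_wildcards:
        findings.append("leading wildcard in value")

    # Expand the field pattern against the known fields, in list order.
    matcher = _glob_to_regex(field)
    fields = [f for f in known_fields if matcher.match(f)]
    if not fields:
        findings.append("field pattern matches no known field")

    return {"fields": fields, "value": value, "findings": findings}


if __name__ == "__main__":
    for q in ("machine.os:win*", "machine.os*:windows 10", "machine.os:*dows"):
        print(q, "->", check_clause(q, SAMPLE_FIELDS))
```

With the constructed field list, `machine.os*` also expands to `machine.os_version`, which shows why it is worth checking what a field-name wildcard covers before relying on the result.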

 

posted @ 2022-04-26 12:09  PanPan003