Query to see if a field contains a string using Query DSL

Question

I am trying to filter Kibana for a field that contains the string "pH". The field is called extra.monitor_value_name. Examples of potential values are Temperature_ABC01, DO_ABC01, or pH_ABC01.

Kibana's Elasticsearch Query DSL does not seem to have a "contains string" so I need to custom make a query.

I am new to Query DSL, can you help me create the query?

Also, is it proper to call it Query DSL? I'm not even sure of proper wording.

Please add mapping of index and sample document. – Nishant Mar 14 '19 at 03:31 — Nishant, Mar 14 '19 at 03:31

score 8 · Accepted Answer · answered Mar 16 '19 at 01:39

Okay! Circling back with an answer to my own question.

My initial problem stemmed from not knowing about field_name vs field_name.keyword. Read here for info on keyword here: What's the difference between the 'field' and 'field.keyword' fields in Kibana?

Solution 1

Here's the query I ended up using. I used a regexp query. I found this article useful in figuring out syntax for the regexp:

{
  "query": {
    "regexp": {
      "extra.monitor_value_name.keyword": "pH.*"
    }
  }
}

Solution 2

Another way I could have filtered, without Query DSL was typing in a search field: extra.monitor_value_name.keyword:pH*. One interesting thing to note was the .keyword doesn't seem to be necessary with this method. I am not sure why.

How to do a not contains `"pH.*"`? – Murtaza Haji Dec 16 '21 at 19:19 — Murtaza Haji, Dec 16 '21 at 19:19

score 5 · Answer 2 · answered Dec 24 '21 at 10:20

5

try this in filter using Elasticsearch Query DSL:

{
  "query": {
    "wildcard": {
      "extra.monitor_value_name": {
        "value": "pH.*"
      }
    }
  }
}

answered Dec 24 '21 at 10:20

Johnny Cage

5,526
2
11
7

Query to see if a field contains a string using Query DSL

2 Answers2