Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
2.6
Describe the issue:
There are some different results wether I’m searching with fields like:
nginx or nginx.keyword. The wild cards are just not working the same way. I dont get the difference, and which should I be using.
It is very confusing…
Hey @tibz7
Are you stating that wild card for “fields” are not working? or the search like nginx=* doesnt work?
If I do:
log_file: \/var\/log\/nginx\/*\/*error* that return no results.
If I do: log_file.keyword: \/var\/log\/nginx\/*\/*error* that return me the expected results.
however the highligthning is not working
@Gsmitt do you have any idea ?
@tibz7 Do you see a difference if you so log_file: *error* and log_file.keyword: *error*?
Also, when you use log_file and get no results (I presume in Discover), can you please hit “Inspect” (top right of the screen) and go to Response; check it the hits were zero or if there was a problem.