how to Identify the special characters in query_string？

Yelp / elastalert

Easy & Flexible Alerting With ElasticSearch

https://elastalert.readthedocs.org

Apache License 2.0

7.99k stars 1.74k forks source link

how to Identify the special characters in query_string？ #1439

Open shylqy opened 6 years ago

shylqy commented 6 years ago

I want to alert with the special character such as . or / or " or < . According to the https://www.elastic.co/guide/en/elasticsearch/reference/5.5/query-dsl-query-string-query.html，I use \ to reserve character,but the results results not expected. here is my config file with es5.4：( I want to detect ../../ ):

filter:

query_string: query: "method: ..\/..\/"

In addition，< and > can’t be escaped at all? but I want to detect ' o r " ,how can I do?

Really looking forward to your reply!!

xuanhai266 commented 6 years ago

I have the same problem. I want to query a field that contains hyphen character ("-"). I tried to use "\" to reserve character but it was error. I think it's bug. Please check and give us the feedback as soon as possible.

xuanhai266 commented 6 years ago

I found a solution for that. We can query by using ".keyword". For example:

filter:
- query:
      query_string:
        query: "HostName.keyword: my-hostname"