Regex 在elasticquery中不能添加多个
我希望达到以下目标:Regex 在elasticquery中不能添加多个,regex,
elasticsearch,Regex,
elasticsearch,我希望达到以下目标: 日志消息不应包含太多连接 必须显示日志消息 日志消息不得包含任何连接 “不得”查询为: "must_not" => [ "regexp" =>[ "LogMessage" => ".*Too many connections.*" ] ], "must_not" => [
包含任何连接
"must_not" => [
"regexp" =>[
"LogMessage" => ".*Too many connections.*"
]
],
"must_not" => [
"regexp" =>[
"LogMessage" => "^.{0,0}$"
]
],
"must_not" => [
"regexp" =>[
"LogMessage" => ".*no conn.*"
]
],
但是上面的操作不正常。请尝试以下操作:
"must_not" => [
[
"regexp" =>[
"LogMessage" => ".*Too many connections.*"
]
],
[
"regexp" =>[
"LogMessage" => "^.{0,0}$"
]
],
[
"regexp" =>[
"LogMessage" => ".*no conn.*"
]
]
]
这也是有效的:
“regexp”=>[“LogMessage”=>“*没有连接。*|.*连接太多。*| ^.{0,0}$”],
尝试将“^.{0,0}$”
替换为“{0}”
。如果不起作用,问题在于代码逻辑。此外,请尝试类似于+&~(.*)(连接太多,无连接)。*)
的必须逻辑。上述条件是否满足我的条件?是的,但这些只是regex修复。然而,对于查询本身,我并不确定。