Hi, I am just starting out with Elasticsearch and Grafana. I keep stumbling upon an issue for which I can’t seem to find a good reference.
I am setting up a Grafana board where I want to have entries from my Elasticsearch datasource that match xyz-2* (xyz could be any lettered string of length 3, followed by dash, followed by the digit 2).
For this I set up the following templating variable:
{“find”: “terms”, “field”: “display_name.keyword”, “query”:“display_name.keyword:xyz-2*”}
where display_name is the field name that I want to match the above-mentioned string.
Now this approach seemed to work, I got the entries I was looking for. However I also got a lot of error messages (GBs/day worth of logs) that boiled down to:
"Caused by: org.apache.lucene.queryparser.classic.ParseException: Cannot parse ‘display_name:()’: Encountered " “)” “) “” at line 1, column 14.”
Then I removed the .keyword from the query (field stayed as it was) and got no more errors. However I am then getting all xyz-* entries.
Does anybody have an idea how to fix the query and not get any errors?