es使用wildcard方法查询attacker_ip不起效果
curl -X GET "localhost:9200/<index_name>/_search?pretty" -H 'Content-Type: application/json' -d'
{
"from": 0,
"size": 20,
"timeout": "60s",
"query": {
"bool": {
"must": [
{
"wildcard": {
"attacker_ip": {
"wildcard": "*10.88.3.*",
"boost": 1.0
}
}
},
{
"range": {
"modify_time": {
"from": 1734434659076,
"to": 1734521059076,
"include_lower": true,
"include_upper": true,
"boost": 1.0
}
}
},
{
"match": {
"leader": {
"query": true,
"operator": "OR",
"prefix_length": 0,
"max_expansions": 50,
"fuzzy_transpositions": true,
"lenient": false,
"zero_terms_query": "NONE",
"auto_generate_synonyms_phrase_query": true,
"boost": 1.0
}
}
}
],
"adjust_pure_negative": true,
"boost": 1.0
}
},
"sort": [
{
"modify_time": {
"order": "desc"
}
}
]
}