elasticsearch 7.6.2版本即使使用wildcard模糊查询，也毫无过滤效果分析

es使用wildcard方法查询attacker_ip不起效果

curl -X GET "localhost:9200/<index_name>/_search?pretty" -H 'Content-Type: application/json' -d'

{

"from": 0,

"size": 20,

"timeout": "60s",

"query": {

"bool": {

"must": [

{

"wildcard": {

"attacker_ip": {

"wildcard": "*10.88.3.*",

"boost": 1.0

}

}

},

{

"range": {

"modify_time": {

"from": 1734434659076,

"to": 1734521059076,

"include_lower": true,

"include_upper": true,

"boost": 1.0

}

}

},

{

"match": {

"leader": {

"query": true,

"operator": "OR",

"prefix_length": 0,

"max_expansions": 50,

"fuzzy_transpositions": true,

"lenient": false,

"zero_terms_query": "NONE",

"auto_generate_synonyms_phrase_query": true,

"boost": 1.0

}

}

}

],

"adjust_pure_negative": true,

"boost": 1.0

}

},

"sort": [

{

"modify_time": {

"order": "desc"

}

}

]

}

解决方法：需要升级elasticsearch版本，从7.6.2升级至7.10.2版后，问题解决