Skip to content

Commit

Permalink
Improving notebook for lucene conform regex filter 2.
Browse files Browse the repository at this point in the history
  • Loading branch information
MoessnerFabian(Group) committed Oct 24, 2024
1 parent 7f4d22a commit e67d2c6
Showing 1 changed file with 4 additions and 4 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"# Lucene Regex Filter\n",
"# Lucene regex filter\n",
"This presentations contains an example of a filter with a lucene conform regular expression. \n",
"A concatenator that merges different fields form an event is used as a processor for demonstrating the filter function. \n",
"\n",
Expand Down Expand Up @@ -107,7 +107,7 @@
],
"source": [
"rule_yaml = \"\"\"---\n",
"filter: 'data_stream.type: \".*logs.*\"' \n",
"filter: 'data_stream.type: \".*lo.*\"' \n",
"regex_fields:\n",
" - \"data_stream.type\"\n",
"concatenator:\n",
Expand All @@ -128,7 +128,7 @@
"cell_type": "markdown",
"metadata": {},
"source": [
"### Lucene conform version"
"### Lucene conform version without the need of regex_fields"
]
},
{
Expand All @@ -148,7 +148,7 @@
],
"source": [
"rule_yaml2 = \"\"\"---\n",
"filter: 'data_stream.type: \"/.*logs.*/\" AND data_stream.type: \"/.*logs.*/\"' \n",
"filter: 'data_stream.type: \"/.*lo.*/\"' \n",
"concatenator:\n",
" source_fields:\n",
" - data_stream.type\n",
Expand Down

0 comments on commit e67d2c6

Please sign in to comment.