elasticsearch kibana collectd

Search for full word


At the moment I'm working on a little project for my company, where I have to change our Grafana to an elastic-collectd data source. But now I'm facing a problem when searching for type_instance:port-channel42. I can search for this:

host:"host-1" and plugin:snmp and collectd_type:if_octets and type_instance:"port-"

and get this out:

host: host-1 plugin: snmp type_instance: port-channel1257 collectd_type: if_octets tx: 123,392,862,080,243.016 type: collectd @version: 1 @timestamp: Sep 9, 2020 @ 11:44:20.338 rx: 73,221,669,458,084.984 id: 21tAcnQBk9LfI6whcwj _type: _doc _index: collectd-09-2020.09.09 _score: -

But if I enter the full word (type_instance:"port-channel42"):

host:"host-1" and plugin:snmp and collectd_type:if_octets and type_instance:"port-channel42"

I am getting this output:

No results match your search criteria

I'm using Kibana 7.9.0!

Do I have to enter the port-channel41 differently than I do?

Thanks for your help!


Solution

  • Index-time tokens (generated from indexed docs) should match the search-time tokens (generated from search terms), and in your case that's not happening; that's the cause of results not coming back for your search query.

    Please share your mapping so that I can pinpoint the exact issue and suggest a solution.
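
The token-matching rule from the answer, as an added Python sketch (not part of the original post and not Elasticsearch code). `standard_like` and `keyword_like` are simplified, hypothetical stand-ins for real analyzers, and the sample documents are constructed. The real mapping of `type_instance` is not shown on the page, so this illustrates the principle only, not a diagnosis.

```python
import re

def standard_like(text):
    """Simplified word-splitting analyzer: lowercase, split on non-alphanumerics."""
    return [t for t in re.split(r"[^0-9a-z]+", text.lower()) if t]

def keyword_like(text):
    """Simplified keyword analyzer: the whole value is a single token."""
    return [text]

def build_index(docs, analyzer):
    """Index time: store the token list produced for each document value."""
    return {doc_id: analyzer(value) for doc_id, value in docs.items()}

def phrase_search(index, query, analyzer):
    """Search time: analyze the query, then return the ids of documents whose
    stored tokens contain the query tokens as a consecutive run."""
    q = analyzer(query)
    n = len(q)
    hits = []
    for doc_id, tokens in index.items():
        if n and any(tokens[i:i + n] == q for i in range(len(tokens) - n + 1)):
            hits.append(doc_id)
    return sorted(hits)

# Constructed sample values modelled on the field in the question.
DOCS = {"doc1": "port-channel1257", "doc2": "port-channel42"}

def demo():
    text_index = build_index(DOCS, standard_like)    # tokens: port, channel42
    keyword_index = build_index(DOCS, keyword_like)  # token: port-channel42
    return {
        # Same analyzer on both sides: tokens line up, the search hits.
        "text/standard 'port-'": phrase_search(text_index, "port-", standard_like),
        "text/standard full": phrase_search(text_index, "port-channel42", standard_like),
        "keyword/keyword full": phrase_search(keyword_index, "port-channel42", keyword_like),
        # Different analyzers: the query token never appears in the index.
        "text/keyword full": phrase_search(text_index, "port-channel42", keyword_like),
        # A keyword index has no partial token to match.
        "keyword/keyword 'port-'": phrase_search(keyword_index, "port-", keyword_like),
    }

if __name__ == "__main__":
    for case, hits in demo().items():
        print(f"{case:26} -> {hits}")
```

On a real cluster, the field mapping and the `_analyze` API show which tokens are actually produced for a given field and input.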