[DOCS] EQL: Document endsWith function
#54521
Conversation
|
Pinging @elastic/es-docs (>docs) |
|
Pinging @elastic/es-ql (:Query Languages/EQL) |
| (Required, string or `null`) | ||
| Source string. If `null`, the function returns `null`. | ||
| + | ||
| If using a field as the argument, this parameter only supports the |
There was a problem hiding this comment.
With this PR I realized one small aspect here. It should be valid for all other string functions, though.
One can use a text field in the function and there won't be any exception and the query will work if that text field will have a keyword sub-field.
For example, the following mapping
"hostname" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 256
}
}
}
and the query process where endsWith(hostname, "foo") == true won't trigger an error.
There was a problem hiding this comment.
Valid statement for the other parameter, as well.
There was a problem hiding this comment.
Thanks again for pointing this out. Addressed with 508be06.
| [[eql-fn-endswith]] | ||
| === `endsWith` | ||
|
|
||
| Returns `true` if a source string ends with a provided substring. |
There was a problem hiding this comment.
This function is case insensitive, as well. And I believe it's worth being mentioned in docs.
There was a problem hiding this comment.
Thanks! Addressed with 508be06.
Adds documentation for the EQL
endsWithfunction.Relates to #54442.