Solved: Re: Why do wildcards in the middle of a string pro...

ddrillic · ‎12-18-2017

The studying material says that -

-- Wildcards in the middle of a string produce inconsistent results.

Why is it?

micahkemp · ‎12-18-2017

Check out the Splunk .conf talk by Martin Mueller:

Page 18 of 32.

woodcock · ‎04-22-2020

micahkemp · ‎12-18-2017

Check out the Splunk .conf talk by Martin Mueller:

Page 18 of 32.

nickhills · ‎12-18-2017

sounds like one for @martin_mueller to help with then 🙂

If my comment helps, please give it a thumbs up!

nickhills · ‎12-18-2017

I would say thats not correct at all.

String matching is very predictable, and I frequently match all kinds of things with *'s in the middle.

host=-uk--* matches LIVE-uk-web-02 perfectly.
Never had any problem with it.

Are you sure it didn't say "inefficient" - a query filled with wildcards is not as fast as something specifically defined

If my comment helps, please give it a thumbs up!

somesoni2 · ‎12-18-2017

From which documentation is this?

ddrillic · ‎12-18-2017

From the *Splunk Fundamentals Part 2 (IOD) * course.

Why do wildcards in the middle of a string produce inconsistent results?