Wildcard Queries and Fuzzy Matches

In certain circumstances, you may need to use a wildcard query. For example, you may want to find data on any classification name that contains Malware in its name (Malware X, Malware Y, Malware Z, etc.). If you run a query using the term Malware, your search results will display only exact matches. You will see data for Malware but not for Malware X, Malware Y, or Malware Z. To get the data you are looking for, you need to use a wildcard query. 

For one-word wildcard filtering, remove the quotation marks and place an asterisk (*) where you would like to use a wildcard.

For wildcard searches using multiple terms, use forward slashes (in place of quotation marks) to indicate regex syntax. In Lucene queries, the set of operators for wildcard searches is limited when compared to the full Java-supported regex.

For single-character wildcards, use a period and question mark combination (.?).

For multi-character wildcards, use an asterisk (*) when your search term contains a single word. When your search term contains multiple words, use a period and asterisk combination (.*).

You can also use wildcard queries to filter results by blank or non-blank term fields.

To use a fuzzy match to locate terms similar to what you type, use a tilde (~) with no quotations marks or slashes.