I have an Elasticsearch data set with 20 million rows spread over 365 daily indexes in Elasticsearch. If I query the data as follows:

my_src_data-2018=7..

I get an error 400.

If however, I query like the following:

my_src_data-2018=7.01.*

then it works fine.

As a temporary workaround I a saved query for each month and in my client tool (Tableau) I union all 12 months together. But this is a laborious solution for many data sets.

I saw in another thread other people had hit this as well. Is there any fix in the works?

I’ll let others comment on the syntax for your wildcard, but wanted to mention that you could manage the union all as a virtual dataset, then connect to a single dataset via Tableau rather than doing the union in Tableau.

That’s a good idea - I will definitely give that a try.