Menu
I want to get the results that do not match "statusCode": 200
In order to match text from field you use
GET index01/_search?pretty
{
"query":{
"match":{
"statusCode": 200
}
}
}
I tried something like this:
GET ucs_heartbeat/_search?pretty
{
"query":{
"match":{
"statusCode":{
"query": 200,
"operator": "must_not"
}
}
}
}
According to: https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-bool-query.html
334
Similarly, to find documents whose field value is NOT equal to a given query string, you can do so using the NOT operator. If you want to find documents whose field value does not match multiple values, you need to use a space separated list. NOTE: you can also get the same results using a must_not boolean query.
Using must_not tells Elasticsearch that document matches cannot include any of the queries that fall under the must_not clause. should – It would be ideal for the matching documents to include all of the queries in the should clause, but they do not have to be included.
The match query analyzes any provided text before performing a search. This means the match query can search text fields for analyzed tokens rather than an exact term. (Optional, string) Analyzer used to convert the text in the query value into tokens. Defaults to the index-time analyzer mapped for the <field> .
Minimum Should Match is another search technique that allows you to conduct a more controlled search on related or co-occurring topics by specifying the number of search terms or phrases in the query that should occur within the records returned.
Try this instead
GET ucs_heartbeat/_search?pretty
{
"query": {
"bool": {
"must_not": [
{
"term": {
"statusCode": 200
}
}
]
}
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
