I am running this query against AWS Elasticsearch 5.1 and getting a malformed query error. Here is the body of the request. I am basically just checking if the field exists during the time range.
{
  "query": {
    "bool": {
      "filter": {
        "bool": {
          "must": [
            {
              "range": {
                "@timestamp": {
                  "gt": "2017-03-21T15:37:08.595919Z",
                  "lte": "2017-04-21T15:52:08.595919Z"
                }
              }
            },
            {
              "query": [
                {
                  "query_string": {
                    "query": "_exists_: $event.supplier"
                  }
                }
              ]
            }
          ]
        }
      }
    }
  },
  "sort": [
    {
      "@timestamp": {
        "order": "asc"
      }
    }
  ]
}
The second must statement was incorrect:
{
  "query": {
    "bool": {
      "filter": {
        "bool": {
          "must": [
            {
              "range": {
                "@timestamp": {
                  "gt": "2017-03-21T15:37:08.595919Z",
                  "lte": "2017-04-21T15:52:08.595919Z"
                }
              }
            },
            {
              "query_string": {
                "query": "_exists_: $event.supplier"
              }
            }
          ]
        }
      }
    }
  },
  "sort": [
    {
      "@timestamp": {
        "order": "asc"
      }
    }
  ]
}
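An added example, not part of the original question or answer: a small Python helper that applies the same correction to a request body before it is sent, by expanding any `{"query": ...}` wrapper found directly inside a `bool` clause. The function names are hypothetical, and the sample body is the one from the question.

```python
import json

BOOL_CLAUSES = ("must", "filter", "should", "must_not")

# Request body from the question, with the wrapped second "must" entry.
QUESTION_BODY = {
    "query": {"bool": {"filter": {"bool": {"must": [
        {"range": {"@timestamp": {"gt": "2017-03-21T15:37:08.595919Z",
                                  "lte": "2017-04-21T15:52:08.595919Z"}}},
        {"query": [{"query_string": {"query": "_exists_: $event.supplier"}}]},
    ]}}}},
    "sort": [{"@timestamp": {"order": "asc"}}],
}

def unwrap(clause):
    """Expand a {"query": <object or array>} wrapper into the clauses it holds."""
    if (isinstance(clause, dict) and set(clause) == {"query"}
            and isinstance(clause["query"], (dict, list))):
        inner = clause["query"]
        inner = inner if isinstance(inner, list) else [inner]
        return [c for item in inner for c in unwrap(item)]
    return [fix(clause)]  # ordinary clause: recurse in case it nests a bool

def fix_clauses(value):
    """Fix the value of one bool key (must/filter/should/must_not)."""
    items = value if isinstance(value, list) else [value]
    flat = [c for item in items for c in unwrap(item)]
    # Keep the single-object form when the input used it.
    return flat[0] if not isinstance(value, list) and len(flat) == 1 else flat

def fix(node):
    """Return a corrected copy of a query body; the input is not modified."""
    if isinstance(node, list):
        return [fix(n) for n in node]
    if not isinstance(node, dict):
        return node
    out = {}
    for key, value in node.items():
        if key == "bool" and isinstance(value, dict):
            out[key] = {k: fix_clauses(v) if k in BOOL_CLAUSES else v
                        for k, v in value.items()}
        else:
            out[key] = fix(value)
    return out

if __name__ == "__main__":
    print(json.dumps(fix(QUESTION_BODY), indent=2))
```

Only wrappers that sit directly in a `bool` clause are touched, so the top-level `query` key and the `query` string inside `query_string` stay as they are.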