Hi,
Following the advice given at "Combining simple_query_string with range and fuzziness", I have come up with the following query:

    query = {
      size: 500,
      from: event.currentPage,
      "query": {
        "indices": {
          "indices": legit_indexes,
          "query": {
            "query_string": {
              "query": '*'
            },
            "filter": {
              "range": {
                "@timestamp": {
                  "gte": "now/d",
                  "time_zone": "-3:00"
                }
              }
            }
          },
          "no_match_query": "none"
        }
      },
      "aggs": {
        "types": {
          "terms": {
            "field": "datasource"
          }
        }
      }
    };

However, this is still bringing me all the documents in the Elasticsearch cluster! Does anybody know what is wrong with the query?