Content match in elasticsearch query over date range

Hello,

Trying to execute a query over an index for the last 5 minutes, where the message field contains the word IIOP_CLEAR_TEXT. I would like to get all the results, via pagination as well, using 10000 records per page. How can this be done via curl?

I think this query might help you out.

curl -XGET "http://youresurl:9200/index_name/_search" -H 'Content-Type: application/json' -d'{
  "size": 10000,
  "from": 0,
  "query": {
    "bool": {
      "must": [
        {
          "match": {
            "message": "IIOP_CLEAR_TEXT"
          }
        }
      ]
    }
  }
}'

Thanks for the reply, how would I include date range into this?

Never mind, I used filter to apply the range. Thanks a lot again for the help.


Actually, if I wanted to do multiple matches with an OR operator, would I change must, and if so, what would it be? I will have to match in the array in that case.

I didn't understand what exactly you meant, but I hope this might help you.

GET /my-index-000001/_search
{
  "size": 10000,
  "from": 0,
  "query": {
    "multi_match": {
      "query": "IIOP_CLEAR_TEXT",
      "fields": ["title", "content", "field_name"],
      "operator": "or"
    }
  }
}
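
An added example (not posted by anyone in this thread) that combines the pieces discussed above: a `filter` range for the last 5 minutes, OR-ed `match` clauses via `should`, and `search_after` paging, since `from` + `size` beyond 10000 is rejected under the default `index.max_result_window`. Assumed here: Elasticsearch 7.10+, a date field named `@timestamp`, `jq`, the `ES_URL` and `INDEX` variables, and the placeholder term `SECOND_TERM`.

```bash
# Added example. Assumptions: Elasticsearch 7.10+ (point-in-time API), a date
# field named @timestamp, jq installed, ES_URL and INDEX set by the caller.
# SECOND_TERM is a placeholder for the second OR-ed search term.

# build_query PIT_ID FROM_EPOCH TO_EPOCH [SEARCH_AFTER_JSON]
# Prints one page's request body. The time window is a non-scoring filter;
# the terms are OR-ed with "should" plus "minimum_should_match": 1.
build_query() {
  local pit="$1" from="$2" to="$3" after="${4:-}" sa=""
  if [ -n "$after" ]; then sa="\"search_after\": $after,"; fi
  cat <<EOF
{
  "size": 10000,
  "pit": { "id": "$pit", "keep_alive": "1m" },
  "sort": [ { "@timestamp": "asc" } ],
  $sa
  "query": { "bool": {
    "filter": [ { "range": { "@timestamp": {
      "gte": $from, "lte": $to, "format": "epoch_second" } } } ],
    "should": [
      { "match": { "message": "IIOP_CLEAR_TEXT" } },
      { "match": { "message": "SECOND_TERM" } }
    ],
    "minimum_should_match": 1
  } }
}
EOF
}

# Walks every page with search_after instead of raising "from".
fetch_all() {
  local to from pit after="" page n
  to=$(date +%s); from=$((to - 300))   # fix the 5-minute window once
  pit=$(curl -s -XPOST "$ES_URL/$INDEX/_pit?keep_alive=1m" | jq -r '.id')
  while :; do
    page=$(build_query "$pit" "$from" "$to" "$after" |
      curl -s -XGET "$ES_URL/_search" -H 'Content-Type: application/json' -d @-)
    n=$(printf '%s' "$page" | jq '.hits.hits | length')
    [ "${n:-0}" -gt 0 ] || break
    printf '%s' "$page" | jq -c '.hits.hits[]._source'
    after=$(printf '%s' "$page" | jq -c '.hits.hits[-1].sort')
    pit=$(printf '%s' "$page" | jq -r '.pit_id')   # the PIT id can change
  done
  curl -s -XDELETE "$ES_URL/_pit" -H 'Content-Type: application/json' \
    -d "{\"id\":\"$pit\"}" >/dev/null
}

if [ -n "${ES_URL:-}" ] && [ -n "${INDEX:-}" ]; then fetch_all; fi
```

Pinning the window to fixed epoch seconds keeps every page on the same 5 minutes; `now-5m` would be re-evaluated on each request and shift the range while paging.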
