Create alias using filter to exclude certain value

reswob · March 8, 2018, 5:45pm

According to Aliases API | Elasticsearch Guide [8.11] | Elastic, I can create an alias for certain events in an index, like all events with a certain tag. I would like to create an alias for all events in an index WITHOUT that tag. I'm having trouble finding the exact syntax for to do that.

POST /_aliases
{
"actions" : [
{
"add" : {
"index" : "test1",
"alias" : "alias2",
"filter" : { "term" : { "user" : "kimchy" } }
}
}
]
}

Should it be "filter": {"not": { "term" : { "user" : "kimchy" } } } ?

Thanks

dadoonet · March 8, 2018, 8:31pm

Use a bool query with a must_not clause.

reswob · April 3, 2018, 1:31pm

This worked.

Sorry for the delay in response, I finally got to test this answer.

More details and syntax here: https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-aliases.html#filtered

system · May 1, 2018, 1:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Alias APIs in ElasticSearch Elasticsearch	4	179	December 15, 2022
Creating alias with field exclusion Elasticsearch	1	789	July 5, 2017
Alternative to using filtered index alias Elasticsearch	2	347	October 10, 2020
How to create index alias with a filter on a nested field? Elasticsearch	1	801	December 16, 2019
Is there any way to create aliases for new (Future) index also in elasticsearch? Elasticsearch	4	923	July 5, 2017

Create alias using filter to exclude certain value

Related topics