Delete Data from ES based on query

Hello All,

I have some data in Elasticsearch which i want to get rid of. Well, not all of them but that matches a certain search query.

eg:

responseElements.assumedRoleUser.arn = arn:aws:sts::xxxxxxx:assumed-role/ReadOnly/Instance_Crawler

Above is a field in cloudtrail data that i want to get rid of. How can i achieve such a thing where i delete all the documents that matches thing query.

--
Niraj

Have a look at https://www.elastic.co/guide/en/elasticsearch/reference/5.2/docs-delete-by-query.html

Thanks @warkolm. Appreciate the quick response.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.