Delete Data from ES based on query

Hello All,

I have some data in Elasticsearch which i want to get rid of. Well, not all of them but that matches a certain search query.


responseElements.assumedRoleUser.arn = arn:aws:sts::xxxxxxx:assumed-role/ReadOnly/Instance_Crawler

Above is a field in cloudtrail data that i want to get rid of. How can i achieve such a thing where i delete all the documents that matches thing query.


Have a look at

Thanks @warkolm. Appreciate the quick response.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.