Here's a link to my SO question no one answered:
https://stackoverflow.com/questions/54962586/elasticsearch-curl-error-when-trying-to-search
To reiterate from that question, I have an index called threat-reports, and one of the tags is Title, which contains something along the lines of CVE-1999-0001.json, CVE-1999-0002.json, etc. I entered in a query in Kibana to match only the Title CVE-1999-0003.json and Kibana came up with this query:
{
"query": {
"match": {
"Title": {
"query": "CVE-1999-0003.json",
"type": "phrase"
}
}
}
}
However, when I try and convert that to a curl command (since I can't find a place in Kibana to do so), my command looks like this (which seems to work for other things just fine):
curl -X GET "localhost:9200/_search?pretty" -H 'Content-Type: application/json' -d '
{
"query": {
"match": {
"Title": {
"query": "CVE-1999-0003.json",
"type": "phrase"
}
}
}
}
'
But curl returns
{
"error" : {
"root_cause" : [
{
"type" : "parsing_exception",
"reason" : "[match] query does not support [type]",
"line" : 7,
"col" : 17
}
],
"type" : "parsing_exception",
"reason" : "[match] query does not support [type]",
"line" : 7,
"col" : 17
},
"status" : 400
}
Does anyone know how to fix this? I really need to be able to index my titles so that I don't add a duplicate entry in the database.