"query": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"from": 1426752000000,
"to": 1426755600000
}
}
},
{
"match": {
"status": "success"
}
}
],
"must_not": [
{
"query_string": {
"query": "clientip:[10.44.0.0 TO 10.44.255.255]"
}
}
],
"should": [
{
"term": {
"eventid": "627"
}
},
{
"term": {
"eventid": "675"
}
}
],
"minimum_should_match": "1"
}
},
"aggs": {
"group_by_username": {
"terms": {
"field": "username",
"size": 10,
"min_doc_count": 20
},
"aggs": {
"group_by_clientip": {
"terms": {
"field": "clientip",
"size": 10
}
}
}
}
}
but this cannot filter out 10.44.83.54 and similar addresses; the result is:
{
"key" : "mail",
"doc_count" : 20,
"group_by_clientip" : {
"buckets" : [ {
"key" : "10.44.85.20",
"doc_count" : 5
}, {
"key" : "172.22.2.41",
"doc_count" : 5
}, {
"key" : "10.44.83.54",
"doc_count" : 4
}, {
"key" : "172.22.2.52",
"doc_count" : 2
}, {
"key" : "10.23.237.59",
"doc_count" : 1
}, {
"key" : "10.44.82.25",
"doc_count" : 1
}, {
"key" : "10.44.82.44",
"doc_count" : 1
}, {
"key" : "10.44.83.53",
"doc_count" : 1
} ]
}
}
How can we filter out these IPs by the 10.44.0.0/16 range?