How to return data that has particular columns in every _source dictionary in Elasticsearch?

I have an Elasticsearch query which is extracting data from the following fields "_source": ["data.service","data.vpn","data.policyid","data.srccountry1"] . While using the search function which gives only max hits of 10,000 I observe that in a lot of hits all _source values are not present.

Query :

{ 
"size" : 10000,
"_source": "_source": ["data.service","data.vpn","data.policyid","data.srccountry1"], 
      "query":{
        "bool": {
          "must": [
            {"match_phrase": {"data.action": "accept"}},
            {"match_phrase": {"location": "192.168.0.1"}}
          ]
        }
      }
    }

In some of the hits data.vpn is not present or data.srccountry1 is not present. How can I write a query where I need the hits to have all the _source field values?

Have you tried adding a few exists query clauses to your list of conditions?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.