Query with multiple keywords

Leitner · November 23, 2021, 9:37am

Hi everyone,

I'm new on Elasticsearch. So sorry for my question

I want build a query in the console. With a single keyword it works great:

But with multiple keywords the Value of the hits is always 0.
Iv'e tested different ways. But none of them works.

Can someone tell me, whats wrong with my code?

GET _search
{
  "query": {
    "match": {
      "signal.rule.severity": {
        "query": "medium | high | critical"
      }
    }
  }
}

I read all manuals that I found. But i cant found the issue.

Thanks for your help
Patrick

dadoonet · November 23, 2021, 10:00am

Welcome!

Please don't post images of text as they are hard to read, may not display correctly for everyone, and are not searchable.

Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. This makes it more likely that your question will receive a useful answer.

It would be great if you could update your post to solve this.

Could you provide a full recreation script as described in About the Elasticsearch category. It will help to better understand what you are doing. Please, try to keep the example as simple as possible.

A full reproduction script is something anyone can copy and paste in Kibana dev console, click on the run button to reproduce your use case. It will help readers to understand, reproduce and if needed fix your problem. It will also most likely help to get a faster answer.

If those are keywords (as per mapping), you can use Terms query | Elasticsearch Guide [7.15] | Elastic

Leitner · November 23, 2021, 10:23am

Thanks a lot. Terms query is the solution!

GET _search
{
  "query": {
    "terms": {
      "signal.rule.severity": [ "medium", "high", "critical"]
    }
  }
}

system · December 21, 2021, 10:23am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.