Hey, search query doesn't return either of the values
GET /_search
{
"query": {
"bool": {
"must": [
{
"term": {
"source": "/var/log/elasticsearch/server1/xxx-1.log"
}
},
{
"term": {
"source": "/var/log/elasticsearch/server2/xxx-1.log"
}
},
{
"term": {
"source": "/var/log/elasticsearch/server3/xxx-1.log"
}
}
]
}
}
}
This works if the source field must match 3 values?? I want to get the indices that match any value of the 3 paths specified. Is there any other way?
Change must clause to should. It will return all documents that match at least one of these 3. Documents that match more clauses will get higher scores and hence ranks.
Thanks!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.