Hi,
I’m new to ELK. For searching, I’m using dev tools in kibana. I want to find all the results that do not match a wildcard term.
"must_not": [
{"wildcard": {
"agent.keyword": {"value":"python*"}
}}]
It returns "[must_not] query malformed, no start_object after query name"
Can we use must_not with wildcard statement?
Hi @geeky_human
Are you using the "must_not" inside the Bool Query?
{
"query": {
"bool": {
"must_not": [
{
"wildcard": {
"agent.keyword": {
"value": "python*"
}
}
}
]
}
}
}
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.