Reputation: 485
ElasticSearch multiple string to search with wildcard query
I'm trying to have multiple wildcard query match in my elasticsearch query in Kibana. I can't quite figure it out.
Basically I want any document with an attribute type="erreur"
and I want to exclude all documents that match the strings "An established*" or "java.lang.*" on the field descr_courte
{
"query": {
"bool": {
"must": {
"term": {
"type": "erreur"
}
},
"must_not": {
"wildcard": {
"descr_courte": ["An established*", "java.lang.*"]
}
}
}
}
}
if I put a single wildcard query it works fine
{
"query": {
"bool": {
"must": {
"term": {
"type": "erreur"
}
},
"must_not": {
"wildcard": {
"descr_courte":
"An established*"
}
}
}
}
}
the error I get:
Error: Request to Elasticsearch failed: {"error":{"root_cause":[{"type":"illegal_state_exception","reason":"Can't get text on a START_ARRAY at 1:454"}],"type":"search_phase_execution_exception","reason":"all shards Any idea?
Upvotes: 2
Views: 13689
Answers (2)
Reputation: 5965
My guess is that you can't make an array for wildcard query like ["An established*", "java.lang.*"], so you need to:
{
"query": {
"{
"must": {
"term": {
"type": "erreur"
}
},
"must_not": {
"regexp": {
"descr_courte": "(An established|java\.lang\.).*"
}
}
}
}
}
More info about regexp query in https://www.elastic.co/guide/en/elasticsearch/reference/5.1/query-dsl-regexp-query.html
Another option is to combine your query terms with the logical operators NOT, AND and OR in the query string
{
"query": {
"query_string" : {
"query" : "type:erreur AND NOT(descr_courte:An established* OR descr_courte:java.lang.*)"
}
}
}
See more info at https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html#_wildcards
Upvotes: 1
Reputation: 6871
Try putting them is separate clauses.
{
"query": {
"bool": {
"must": {
"term": {
"type": "erreur"
},
"must_not": [
{
"wildcard": {
"descr_courte": "An established*"
}
},
{
"wildcard": {
"descr_courte": "java.lang.*"
}
}
]
}
}
}
}
Upvotes: 4
Related Questions
- Using wildcards in phrases with Elasticsearch Query String Query
- How to query ElasticSearch with a wildcard
- Elasticsearch query with wildcard and match conditions
- Elasticsearch wildcard matching on multiple fields
- Elasticsearch query with wildcards
- Elasticsearch - Search with wildcards
- Elasticsearch query_string search using wildcard
- Elasticsearch - query_string with wildcards
- ElasticSearch using wildcard and term queries
- Filter a wildcard search in Elastic Search