stackoom
  简体   繁体   中英

Exclude in elasticsearch query gives failed to parse search source. expected field name but got [START_OBJECT]

 原文  2017-02-28 12:42:46       curl/ elasticsearch/ kibana

Question

I have following query, which 1. get all data with logtype error. 2. exclude all data in which there is error occured in logmessage fields. 

curl -s -XGET 'localhost:9200/index_name/type/_search?pretty=true&size=10' -d '
{
    "query": {
        "match" : {
            "logtype" : "error"
        },
        "should": {
            "bool": {
               "must_not": {
                  "match": {
                     "logMessage": "*error occured*"
                  }
               }
            }
         }
    }
}
'

But the above command gives: 

 {
    "error": {
        "root_cause": [{
            "type": "parse_exception",
            "reason": "failed to parse search source. expected field name but got [START_OBJECT]"
        }],
        "type": "search_phase_execution_exception",
        "reason": "all shards failed",
        "phase": "query",
        "grouped": true,
        "failed_shards": [{
            "shard": 0,
            "index": "indexname",
            "node": "HxII3rajS4KP5dkP-ZvPSw",
            "reason": {
                "type": "parse_exception",
                "reason": "failed to parse search source. expected field name but got [START_OBJECT]"
            }
        }]
    },
    "status": 400
 }

How can it be solved?

1 answers

solution1
 1 ACCPTED  2017-02-28 12:58:57

Try this: 

curl -s -XGET 'localhost:9200/index_name/type/_search?pretty=true&size=10' -d '{
  "query": {
    "bool": {
      "must": {
        "match": {
          "logtype": "error"
        }
      },
      "must_not": {
         "match": {
           "logMessage": "*error occured*"
         }
      }
    }
  }
}'

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Problem with Elasticsearch query - [range] malformed query, expected [END_OBJECT] but found [FIELD_NAME] Is there any way to query elasticsearch using curl for multiple documents to extract field values from _source? Elasticsearch long query fails to search Elasticsearch field not supported in range query return only _source data from elasticsearch query Elasticsearch Use Search Query for Deleting the results Elasticsearch Search Query using curl and subprocess: Illegal Argument Exception How to translate an ElasticSearch multimatch search query from cURL into JAVA? How to update existing datatype of a field in elasticsearch ? (“No handler for type [text] declared on field [Name]”) Elasticsearch query to retrieve particular _source value for a particular type for all ID's
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM