I'm trying to filter logs based on the domain name. For example, I only want the results of domain: bh250.example.com.
When I use the following query:
the first 3 results have a domainname: bh250.example.com, whereas the 4th has bh500.example.com.
I have read several pieces of documentation on how to query Elasticsearch, but I seem to be missing something. I only want results having a 100% match with the parameter.
UPDATE!! After question from Val
queryFilter = Q("match", domainname="bh250.example.com")
search=Search(using=dev_client, index="logstash-2016.09.21").query("bool", filter=queryFilter)[0:20]
You're almost there, you just need to make a small change:
http://localhost:9200/_search?pretty&size=150&q=domainname:"bh250.example.com"

(In `domainname:"`: use colon instead of equal... and double quotes.)
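
The phrase query from the answer above, as an added example that is not part of the original question or answer: it builds the same URI search with the value quoted and percent-encoded, builds the request-body equivalent, and then checks equality client-side. It assumes `domainname` is an analyzed text field, where a phrase query can still return longer values that merely contain the phrase. The function names and the sample response are constructed for illustration.

```python
from urllib.parse import urlencode


def lucene_phrase(value):
    """Quote a value as a Lucene phrase, escaping backslashes and double quotes."""
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def uri_search_url(base, field, value, size=150):
    """URI search in the answer's form, field:"value", percent-encoded for the URL."""
    params = {"pretty": "true", "size": size, "q": f"{field}:{lucene_phrase(value)}"}
    return f"{base}/_search?{urlencode(params)}"


def phrase_filter_body(field, value, size=20):
    """Request-body form of the same phrase query, placed in a bool filter."""
    return {"size": size,
            "query": {"bool": {"filter": {"match_phrase": {field: value}}}}}


def exact_hits(response, field, value):
    """Keep only hits whose stored field equals the value exactly."""
    return [h for h in response["hits"]["hits"]
            if h["_source"].get(field) == value]


# Constructed sample response (not real log data), shaped like a search result.
SAMPLE = {"hits": {"hits": [
    {"_id": "1", "_source": {"domainname": "bh250.example.com"}},
    {"_id": "2", "_source": {"domainname": "bh500.example.com"}},
    {"_id": "3", "_source": {"domainname": "mail.bh250.example.com"}},
    {"_id": "4", "_source": {"domainname": "bh250.example.com"}},
]}}

if __name__ == "__main__":
    print(uri_search_url("http://localhost:9200", "domainname", "bh250.example.com"))
    print(phrase_filter_body("domainname", "bh250.example.com"))
    print([h["_id"] for h in exact_hits(SAMPLE, "domainname", "bh250.example.com")])
```
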