JasperFennet JasperFennet - 6 months ago 37
Python Question

Ealasticsearch results exactly as parameter

I'm trying to filter logs based on the domain name. for example i only want the results of domain: bh250.example.com.

when i use the following query:


the first 3 results have a domainname: bh250.example.com where the 4th having bh500.example.com

I have read several documentations on how to querry to elasticsearch but I seem to miss something. I only want results having 100% match with the parameter.

UPDATE!! After question from Val

queryFilter = Q("match", domainname="bh250.example.com")

search=Search(using=dev_client, index="logstash-2016.09.21").query("bool", filter=queryFilter)[0:20]

Val Val

You're almost there, you just need to make a small change:

                                                          ^                  ^
                                                          |                  |
                                   use colon instead of equal... and double quotes