How can I match a phrase which contains some keywords in a specific order?
GET /_myIndex/_search
{
"query": {
"bool": {
"must": [
{"match_phrase_prefix": {"CommandLine": "hidden*downloadstring*"}}
]
}
}
}
In the example above, I want to find any sequence of command line string which contains the term hidden and at some point after that the term downloadstring with anything that comes after that.
Is that the right API for that search or is there a better way of finding it?
Thanks for any help!
It seems like you're looking for a wildcard query
Here's an example from my project. I hope it helps you formulate your query:
GET my-index-*/_search
{
"_source": ["my.access.url"],
"query": {
"wildcard" : { "my.access.url" : "*downloadLinkOrStuff*" }
}
}