
How to filter out (exclude) all results given by Elastic search query DSL in Kibana?


I'm trying to view a list of user agents connecting to my web server. I wrote this (working) query:

{
  "query": {
    "regexp": {
      "useragent": {
        "value": "Mozilla/5.0 \\(Windows.*"
      }
    }
  }
}

But when I tried to get the inverted match (similar to -v in grep), I couldn't find the answer.

I saw this post, "elastic search query filter out ids by wildcard", but it didn't work. I tried copy-paste, only filter, only must_not, with and without bool, with and without match_all.

I also searched in Google for the answer with no luck.

Can anyone please help me?


Solution

  • Use the must_not clause of a bool query, as below:

    {
      "query": {
        "bool": {
          "must_not": [
            {
              "regexp": {
                "useragent": {
                  "value": "Mozilla/5.0 \\(Windows.*"
                }
              }
            }
          ]
        }
      }
    }
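
The inverted match above, extended into a search body that lists the remaining user agents. This is an added example, not part of the original question or answer. It assumes `useragent` is mapped as a `keyword` field (needed for the terms aggregation) and is meant for the `_search` API or Kibana Dev Tools rather than the filter editor; the aggregation name `other_user_agents` is made up for illustration. Because `must_not` on its own also returns documents that have no `useragent` field at all, the `exists` filter restricts the result to requests that actually sent one.

```json
{
  "size": 0,
  "query": {
    "bool": {
      "filter": [
        { "exists": { "field": "useragent" } }
      ],
      "must_not": [
        {
          "regexp": {
            "useragent": {
              "value": "Mozilla/5.0 \\(Windows.*"
            }
          }
        }
      ]
    }
  },
  "aggs": {
    "other_user_agents": {
      "terms": {
        "field": "useragent",
        "size": 50
      }
    }
  }
}
```

Elasticsearch regexp patterns must match the whole term, so the trailing `.*` is required for the exclusion to cover every Windows user agent string.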