elasticsearch kibana

How to combine "prefix" with "range"?


I'm trying to search using prefix and range.

This works:

GET /traffic-*/_search
{
  "query": {
      "prefix": {
          "src": {
              "value": "192."
          }
      }
  }
}  

But when I try to throw in range I get an error:

GET /traffic-*/_search
{
 "query": {
    "prefix": {
      "src": {
          "value": "192."
      }
    },
    "bool": {
        "must": [
              {
                "range" : {
                    "score" : {
                        "gte": 7
                    }
                }
              }
            ]
          }
    }
 }    

Here's the error:

{
  "error": {
    "root_cause": [
      {
        "type": "parsing_exception",
        "reason": "[prefix] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
        "line": 8,
        "col": 5
      }
    ],
    "type": "parsing_exception",
    "reason": "[prefix] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
    "line": 8,
    "col": 5
  },
  "status": 400
}

I tried it a lot of other ways, including like this, but still got the same error:

GET /traffic-*/_search
{
 "query": {
    "bool": {
        "must": [{
            "prefix": {
              "src": {
                  "value": "192."
                }
              },
              "range" : {
                  "score" : {
                      "gte": 7
                  }
              }
            }]
          }
    }
 } 

How do I correct this syntax?


Solution

  • Try adding the "prefix" and "range" queries inside a Must Bool Query, like this:

    {
      "query": {
        "bool": {
          "must": [
            {
              "prefix": {
                "src": {
                  "value": "192."
                }
              }
            },
            {
              "range": {
                "score": {
                  "gte": 7
                }
              }
            }
          ]
        }
      }
    }
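
The parsing error in the question comes from putting two query types in one query object; each query object in the DSL holds exactly one. The following Python check is an added example, not part of the original question or answer, and its function names (`find_multi_key_queries`, `combine`, `check`) are assumptions made for illustration. It runs over the two failing bodies and the working one before anything is sent to Elasticsearch:

```python
# Added example: find query objects that hold more than one query type,
# the mistake behind "[prefix] malformed query, expected [END_OBJECT] ...".
BOOL_CLAUSES = ("must", "filter", "should", "must_not")

def find_multi_key_queries(node, path="query"):
    """Return paths of query objects that do not contain exactly one query type."""
    problems = []
    if not isinstance(node, dict):
        return problems
    if len(node) != 1:
        problems.append(f"{path}: expected 1 query type, found {sorted(node)}")
    bool_body = node.get("bool")
    if isinstance(bool_body, dict):
        for clause in BOOL_CLAUSES:
            children = bool_body.get(clause, [])
            # A clause may be a single query object or a list of them.
            if isinstance(children, dict):
                children = [children]
            for i, child in enumerate(children):
                problems += find_multi_key_queries(child, f"{path}.bool.{clause}[{i}]")
    return problems

def combine(*queries, clause="must"):
    """Wrap single-type query objects in one bool query (hypothetical helper)."""
    for q in queries:
        if len(q) != 1:
            raise ValueError(f"each query needs exactly one type, got {sorted(q)}")
    return {"query": {"bool": {clause: list(queries)}}}

PREFIX = {"prefix": {"src": {"value": "192."}}}
RANGE = {"range": {"score": {"gte": 7}}}

# The two failing bodies from the question and the working one from the answer.
ATTEMPT_1 = {"query": {**PREFIX, "bool": {"must": [RANGE]}}}
ATTEMPT_2 = {"query": {"bool": {"must": [{**PREFIX, **RANGE}]}}}
FIXED = combine(PREFIX, RANGE)

def check(body):
    """Validate a full search body, starting at its top-level "query" object."""
    return find_multi_key_queries(body["query"])

if __name__ == "__main__":
    for name, body in [("attempt 1", ATTEMPT_1), ("attempt 2", ATTEMPT_2), ("fixed", FIXED)]:
        print(name, check(body) or "ok")
```

Passing `clause="filter"` to `combine` puts both conditions in filter context, which matches the same documents without relevance scoring.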