Elasticsearch query must not match text from field

Question

I want to get the results that do not match "statusCode": 200

In order to match text from field you use

GET index01/_search?pretty
{
  "query":{
    "match":{
      "statusCode": 200
    }
  }
}

I tried something like this:

GET ucs_heartbeat/_search?pretty
{
  "query":{
    "match":{
      "statusCode":{
        "query": 200,
        "operator": "must_not"
      }
    }
  }
}

According to: https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-bool-query.html

note that there is no operator called must_not for match query. Only available operators are and(default) and or. Consider using term query over match query for all structured fields like keyword, numbers — avr

Val Val · Accepted Answer · 2017-04-06T10:33:58

Try this instead

GET ucs_heartbeat/_search?pretty
{
  "query": {
    "bool": {
      "must_not": [
        {
          "term": {
            "statusCode": 200
          }
        }
      ]
    }
  }
}

Elasticsearch query must not match text from field

1 Answers