Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
Dashboards 2.12.0
opensearch-py 2.7.0
Describe the issue:
I have a Python script to download records when we hit the limit of what can be created as a report through Dashboards. Dashboards reports 2-10x the number of records found compared to what I get using Python.
For example
When I search for A_QUERY_TERM, with filter tags is A_TAG over the past 20 days, Dashboards reports 4,370 hits.
With Python and a query string of '{"size": "10000", "query": {"bool": {"filter": [{"terms": {"tags": ["A_TAG"]}}, {"range": {"@timestamp": {"from": "now-20d", "to": "now"}}}], "must" : [{"match": {"message": "A_QUERY_TERM"}}]}}}' I only get 1993 hits.
Is my query string just wrong?