This processor executes an update operation against one or more indices using the _update_by_query handler. The query should be a valid Elasticsearch JSON DSL query (Lucene syntax is not supported). An optional Elasticsearch script can be specified to execute against the matched documents. An example query with script:

        {
            "script": {
                "source": "ctx._source.count++",
                "lang": "painless"
            },
            "query": {
                "match": {
                    "username.keyword": "john.smith"
                }
            }
        }
    

To update all of the contents of an index, this could be used:

        {
            "query": {
                "match_all": {}
            }
        }