Elasticsearch: Update by query example to strip passwords

strip_passwords.json

DELETE security-logs

POST security-logs/event/_bulk
{"index":{}}
{ "event": "login", "user": "aardvark", "password": "squishy"}
{"index":{}}
{ "event": "login", "user": "squishy",  "password": "aardvark"}
{"index":{}}
{ "event": "access", "application": "nginx", "ip": "10.1.1.1"}

POST security-logs/_update_by_query
{
  "script": {
    "inline": "ctx._source.password=\"********\""
  },
  "query": {
    "exists": { "field": "password"}
  }
}