Logan Bailey

Adventures In Web Development


Often when working with Kibana, I want my result set to contain only results that have a specific term. I'm not interested in filtering on the value of the term. I'm only interested in the results that contain the term.

The Apache Lucene Query Syntax docs fail to provide any specific way to do this. However, with a bit of googling, I came across this issue on the Kibana GitHub page. According to rashidkpc, there's an extension to the Lucene syntax which allows you to do: _exists_: <field> and its opposite, _missing_:<field>.

I was able to remove results from my Apache log where there was no referer by adding _exists_: referer to my query.
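To see what the two terms select, here is an added example (not code from the original post or from Kibana) that parses constructed Apache combined-format lines and evaluates _exists_ and _missing_ against them locally. It assumes the ingest step leaves the referer field out of the document when Apache logs it as "-"; if the literal "-" is indexed instead, _exists_: referer matches every line. The names parse_line, matches and search are hypothetical.

```python
import re

# Apache "combined" format:
# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'(?P<clientip>\S+) \S+ \S+ \[(?P<timestamp>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<response>\d{3}) (?P<bytes>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def parse_line(line):
    """Turn one log line into a document. Assumption: fields logged as "-" are omitted."""
    m = COMBINED.match(line)
    if m is None:
        return None
    return {k: v for k, v in m.groupdict().items() if v not in ("-", "")}

def matches(doc, term):
    """Evaluate one `_exists_:<field>` or `_missing_:<field>` term against a document."""
    op, _, field = term.partition(":")
    present = doc.get(field.strip()) is not None
    if op == "_exists_":
        return present
    if op == "_missing_":
        return not present
    raise ValueError("unsupported term: " + term)

def search(docs, term):
    """Return the documents that satisfy the term, in log order."""
    return [d for d in docs if matches(d, term)]

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [10/Oct/2014:13:55:36 -0700] "GET /index.html HTTP/1.1" 200 2326 "http://example.com/start" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2014:13:55:40 -0700] "GET /admin HTTP/1.1" 404 312 "-" "curl/7.30.0"
203.0.113.5 - - [10/Oct/2014:13:56:02 -0700] "GET /about HTTP/1.1" 200 1841 "http://example.com/index.html" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2014:13:56:09 -0700] "POST /login HTTP/1.1" 302 0 "-" "python-requests/2.4"
"""

DOCS = [d for d in map(parse_line, SAMPLE_LOG.splitlines()) if d]

if __name__ == "__main__":
    for term in ("_exists_: referer", "_missing_:referer"):
        print(term, "->", [d["clientip"] for d in search(DOCS, term)])
```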

Posted In:
kibana lucene