Index search error on list over 1k IOCs

Hi, the doc says a list can support up to 100k items. However I found that it throws an error when search against a list of over 1k items.

Here’s the query:
class=paloalto_traffic dstipv4: $malicious_cidrs1

If the list “malicious_cidrs1” contains over 1k IOCs, it will throw this error:
Elasticsearch StatusException[Elasticsearch exception [type=search_phase_execution_exception, reason=all shards failed]]; nested: [Elasticsearch exception[type=too_many_clauses, reason=too_many_clauses: maxClauseCount is set to 1024]]

This seriously limits the goal of my task. Please advise.

Hello Gregory,

Sorry for the late reply. Is this still an ongoing issue? or have you resolved this