Complex query in Kibana

Hello,

Is it possible to do a complex query in Kibana.

For example, i have tree rows:

{ip: 127.0.0.1, type: "type #1"}
{ip: 127.0.0.1, type: "type #2"}
{ip: 192.168.0.1, type: "type #1"}
{ip: 192.168.0.88, type: "type #2"}

Let say we want all the IPs who have the type : "type #1 AND type #2".
The result would be two rows:

{ip: 127.0.0.1, type: "type #1"}
{ip: 127.0.0.1, type: "type #2"}

Is this possible in Kibana?

Thank you

Hi there,

Yes it is possible to do a complex query. For your example, the query would look like this:

type:"type #1" OR type:"type #2"

For more info, check out these references:

• https://www.elastic.co/guide/en/kibana/current/discover.html#search
• https://www.elastic.co/guide/en/elasticsearch/reference/current//query-dsl-query-string-query.html#query-string-syntax

Thanks,
CJ

Hello CJ,

thank you for the feedback!

However, I don't think this is the answer I am looking for.
In this case, doing:
type:"type #1" OR type:"type #2"
will return me all fields described above, because all the fields described above are of Type 1 or 2.

What I want is a query based on the IP.
The results would be all IP that are AND of type 1, AND of type 2, but would not include IPs that only have one type. I know we can do relations in elasticsearch, but I would like to know how to query those on Kibana.

Thank you,

This is a bit complicated, but I think it's a clue to what you're trying to do. You could used the Advanced JSON Input field.