Composite Filter and or Quarry?

iukea · June 15, 2019, 11:43pm

Hello is there a way to filter out results in a composite search?

is there a way to set up a filter and or could I use a quarry?

if so how would that look in the DSL search language?

HenningAndersen · June 16, 2019, 3:15pm

you can use the bool query to create composite queries, for instance:

GET test/_search
{
  "query" : {
    "bool" : {
      "filter": [
	{"range": {"timestamp1": {"gte": "now-1w"}}},
	{"range": {"timestamp2": {"gte": "now-2d"}}}
      ]
    }
  }
}

iukea · June 16, 2019, 6:06pm

Thank you!

would there be a way to do a composite search that grabs all the src_ips from my NGIX logs and filter out the Src_IPs from my Apache logs?

Those logs are in the same index, but there I tell them apart by

type : Apache
   - Src_ip

and

 type: NGIX  
     -Src_ip

system · July 14, 2019, 6:07pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Composite search question and error (need help please) Elasticsearch	2	530	December 31, 2019
ElasticSearch dedupe quarry/ Aggregation question (I am a noob) Elasticsearch	2	433	June 14, 2019
Composite and excluding results Elasticsearch	2	377	July 1, 2019
ElasticSearch and composite and filters Elasticsearch	2	343	July 8, 2019
Do filter in the aggregations with composite Elasticsearch	1	349	May 12, 2020

Composite Filter and or Quarry?

Related topics