I'm trying to use the Elasticsearch filter in my logstash configuration to search a specific index for a term. I need help building the query. Would the following be valid?
{
"indices" : {
"indices" : [ "index1" ],
"query" : {
"term" : { "term1" : %{[event_field_name]} }
}
}
}
The documentation doesn't seem to give much info on more complex DSL queries:
https://www.elastic.co/guide/en/logstash/current/plugins-filters-elasticsearch.html
https://www.elastic.co/guide/en/elasticsearch/guide/master/search-lite.html should help, there are also other chapters that will help 
Thanks for the reply. That link didn't say anything about specifying an index. I even looked through the reference docs for Query String Query, which your link referenced. I didn't notice any way in search lite to specify index. I know this can be done in the request body search API.
Any other references are appreciated.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.