Elasticsearch query for two logs into one log

shwesinhan · March 19, 2018, 3:15am

hi there!

could i have any idea for below situation.

i have these two logs

2018-03-19 09:51:04,500 (null) 19 WARN : mypage: TEST :: mnost2bj2pnqdzjajkvio20u :: Frontend Response : <FResponse><version>9.1</version><timeStamp>190318095104</timeStamp><RefID>1001</RefID></FResponse>

2018-03-19 09:51:04,500 (null) 19 WARN : mypage: TEST :: knost3bj2pnqdzbajkvio30u :: Backend Response : <BResponse><version>9.1</version><timeStamp>190318095104</timeStamp><RefID>1001</RefID></BResponse>

These two logs have same RefID which is already done with grok pattern. I want to assume that if i found these two logs with same RefID, i just want to count 1 time in kibana.

Is there any elasticsearch query to do like that?

I would appreciate for any advice.

system · April 16, 2018, 3:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Compare fields and report Kibana	5	301	February 3, 2023
Elasticsearch Filter query log Elasticsearch	1	326	October 21, 2019
Query to match two separate events where one follows the other Elasticsearch	2	544	April 26, 2018
I'm receiving just one log Kibana	28	972	August 7, 2018
Querying elastic for very recent log Logstash	6	411	April 28, 2018

Elasticsearch query for two logs into one log

Related topics