Hello
I've got following Filter option (as an example):
source.ip : "10.10.10.10" and from.domain : "domain.com" or source.ip: "40.40.40.40" and from.domain : "otherdomain.com"
How do I "translate" this filter to an kql query?
note: I only want one query, not multiple.
I'm not sure I understand, the filter you have looks like it's already a KQL query. You can read the KQL docs here: Kibana Query Language | Kibana Guide [7.11] | Elastic
My bad.. I want to transform it to an "DSL Query".
The translated DSL is shown in the Inspect tab under the Request.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.