Filter to query

paasi6666 · March 4, 2021, 4:46pm

Hello

I've got following Filter option (as an example):

source.ip : "10.10.10.10" and from.domain : "domain.com" or source.ip: "40.40.40.40" and from.domain : "otherdomain.com"

How do I "translate" this filter to an kql query?

paasi6666 · March 4, 2021, 4:47pm

note: I only want one query, not multiple.

wylie · March 4, 2021, 5:10pm

I'm not sure I understand, the filter you have looks like it's already a KQL query. You can read the KQL docs here: Kibana Query Language | Kibana Guide [7.11] | Elastic

paasi6666 · March 5, 2021, 7:20am

My bad.. I want to transform it to an "DSL Query".

wylie · March 5, 2021, 3:37pm

The translated DSL is shown in the Inspect tab under the Request.

system · April 2, 2021, 3:37pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Convert KQL string to Query DSL Kibana kql-kibana-query-language	2	4076	June 22, 2020
Is there a converter from a search in kibana to query language? Kibana	2	1232	September 28, 2021
Converting Search Query To Filter Kibana	4	1167	June 3, 2020
Filter by the same timestamp in Kibana Query DSL Kibana kql-kibana-query-language	3	470	August 12, 2022
Kibana Query Language (KQL) library to convert KQL to ElasticSearch Query Kibana	4	2609	July 27, 2021