Find matching word in text file using elk

hi, can anyone help me, i want to find all sentneces containing a word in log or txt file using ELK, any examples plz

A match query would probably work. The documentation contains examples. Check it out.

thank you can you give me the link o the samle of filer and input, ouput in logstach and file beat

That's too vague. You probably need to understand first what filebeat is. Why do you think you need logstash ?

I recommend that you first read some blog post, watch some webinars and then you will have a better picture of what the stack is about.

But to sum up, I'd install

  • filebeat (to collect logs)
  • Elasticsearch (to index logs)
  • Kibana (to use the Logs Application)

no i am using fsrawler and i want to get the content and title of pdf that match a sentence ; what is the query to do that, i used a query but give gives me the content of all my pdfs files and this is not what i want

That'd have been useful to give that information at the beginning to avoid a waste of time.

So FSCrawler indexed your documents, right?

You ran a query? Which one?

You said you're unhappy with the result but could you share what exactly you'd like to se vs the current result?

this is th query:
GET bigdata/_search
{
"query" : {
"match_phrase": {
"content" : "Un monde"
}
}
}
i want to seacrch all the pdf containing "the sentence Un monde" but it returns all fiiles; i want just the title of file containing this sentence

I'm surprised.
Wondering how you are running the query, with which tool?

Any chance you are using Kibana dev console and that you added a blank line just after the GET /_search and the json body? Could you share a screenshot?

i am using kibana dev consol

Ok. And?

1 Like

i want the query to retrive only document contaiing the matched sentence

I know that. You are just not answering my questions so I can't help further.

1 Like

i have created index in fscrawler and i can do queries in kibana dev tools using "get index_name" or get index_name/_search but what i want is to list the content of files and information about files containing a specific sentence or word that i mut specify, i want the query to do that

Repeating my question:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.