Getting subsequent lines after search string


(sree) #1

Hi,
I have a requirement in elastic search to display n lines after the search result. So I will search with an expression and when I select the search result, it should display n lines after that. Is there a way to retrieve the continuous lines after search result?

thanks
Sree


(Mark Walkom) #2

What do you mean by lines?


(sree) #3

Hi,
For example if I have a log.file with lines
"Sample logs line1...
Sample log line2.....
Sample log line3..." and if I search for line1, I will get "Sample logs line1",
After that I need to extract the other lines below it...

"Sample log line2.....
Sample log line3..."

Can I use any features of ES here?
I am using logstash to index the logs and need to extract the snippet after searching a string.

thanks
Sree


(Mark Walkom) #4

You could use scan/scroll, but you would then have to figure out where your line is.


(sree) #5

Could you please give some details?
"but you would then have to figure out where your line is.", do you mean document position?
I can get the document with that particular line...


(Mark Walkom) #6

https://www.elastic.co/guide/en/elasticsearch/reference/2.1/search-request-scroll.html is scroll.


(system) #7