Hi, I have a dataset, which one of the lines is:
{
"_index": "indextest-2017-05-31",
"_type": "logs",
"_id": "AVxeLzGIOlq6smY9OlAe",
"_score": null,
"_source": {
"date": "2017-03-01T10:59:48.758Z",
"ip": "10.20.122.115",
"message": "2017-03-01 10:59:48.7584;59514263-43bd-47a5-bc36-17dfa62b2730;10.20.122.115;;HomeController_Index;Load home page;;0;1030\r",
"x_8": "Load home page",
"path": "/data/Logs/csvfiles/Files9col/alfr-vdfapp-05_cloudactivation_2017-03-01.csv",
"x_7": "HomeController_Index",
"x_10": 0,
"app_name": "cloudactivation",
"@timestamp": "2017-05-31T11:06:10.008Z",
"@version": "1",
"host": "alfr-vdfapp-05",
"guid": "59514263-43bd-47a5-bc36-17dfa62b2730",
"response_time": 1030
},
"fields": {
"date": [
1488365988758
],
"@timestamp": [
1496228770008
]
},
"sort": [
1488365988758
]
}
I'm tryng to use reindex, to filter specific rows,for example the row above. How can I do it by specifying, for example, the 'index', 'app_name' and 'response_time'? I tried to do this but doesn't work. If I use 'match' instead of 'multi_match' and only specify the 'app_name' it works but I wanted to specify 'response_time' also:
POST _reindex
{
"source": {
"index":"indextest-2017-05-31",
"query": {
"multi_match": {
"app_name": "cloudactivation",
"response_time": 1030
}
}
},
"dest": {
"index": "test2"
}
}
NOTE: I'm doing it in kibana dev tools