I'm wondering if this is possible in Kibana? I have similar entries in an ElasticSearch instance (in the same index). I want to use data from 1 query to drive the results in another query. My data looks something like this:
Entry 1: timestamp, data, ip address, value
Entry 2: time, information, ip address, more information
I'm getting way more Entry 2 entries, over some ip address I care about and some I don't. Entry 1 entries all come from ip addresses (they change periodically so I can't hard code it) I should care about. What I want to do is query to get all the ip addresses I care about from Entry 1 entries, and use that to lookup only Entry 2 entries for ip address I care about.
Basically this if it work a relational query:
select * from Entry2 where ip address in (select unique ip address from Entry1)