Hello all, tell me plz how to do a search in kibana filter on site demo.elastic.co across the subnet
this query don't show any address in 10.12.1.0/24
where I was wrong in the request
{
"query": {
"match": {
"apache2.access.remote_ip": {
"query": "10.12.1.0/24",
"type": "phrase"
}
}
}
}
"query": "10.12.1.*" don't work
for IP ranges you should do the "is between" type of filter:
it will end up looking something like this in query DSL:
{
"range": {
"ip": {
"gte": "64.251.200.0",
"lt": "64.251.200.255"
}
}
}
But i recommend just using the filter builder where you can select fields, ranges and everything you need for a filter.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.