Multi Search in same context request

Elastic Stack Elasticsearch
1

Hi
How i can use a previous values of query in the same one query context?

Query1 ---> $values
$values of "Query1" as parameter of Query2

JOIN THIS QUERIES

GET filebeat-/_search
{
"_source": [ "ip." ],
"query": {
"bool": {
"must" : {
"term" : { "fields.logtype" : "event" }
},
"filter": {
"term" : { "event_type" : "alert" }
}
}
}
}

GET filebeat-*/_search
{
"query": {
"bool": {
"must": {
"term": {
"fields.logtype": "demo01"
}
},
"should": [
{
"term": {
"ip.source.ip": "192.168.1.2"
}
},
{
"term": {
"ip.destination.ip": "192.168.1.2"
}
}
],
"filter": {
"term": {
"action": "pass"
}
}
}
}
}

Thanks

2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.