Hi all,

How can I run my JSON query to search logs from multiple log paths, the same way
we do for hostname*?
I am trying to use the head plugin in ES.

Regular expression in hostname:

{
  "wildcard": {
    "logs.host": "hostname*"
  }
}

Using a wildcard for the hostname works, but when I add a path there, it
searches all paths, not types of path or a specific path.
It searches cron, message, b.test.log, all of them.
My requirement is to search only a.test.log and b.test.log, or .test.log,
for all hosts.

{
  "query": {
    "bool": {
      "must": [
        {
          "range": {
            "logs.@timestamp": {
              "from": "2013-11-19T01:00",
              "to": "2013-11-19T01:10"
            }
          }
        },
        {
          "wildcard": {
            "logs.host": "hostname*"
          }
        }
      ],
      "must_not": [],
      "should": [
        {
          "query_string": {
            "default_field": "default.path",
            "query": "/path/a.log"
          }
        }
      ]
    }
  },
  "from": 0,
  "size": 25000,
  "sort": [],
  "facets": {}
}