Hi!
I'm just starting to learn about ES and I have a question regarding
recursive queries (I'm not sure that's the correct term for what I'm trying
to do...).
I'm using Logstash to index logs from multiple sources, and Kibana to
perform queries/visualization.
What I would like to do is this:
- Perform a query (QUERY_1) looking for a specific kind of log output,
for instance "Error application A". - I expect to get a list of messages containing "Error application A",
now I would like to get all variations of a field, let's say there's a
"host"- field. - Perform a new query (QUERY_2): "For each host returned from QUERY_1,
show messages with fieldX='asd' ".
Is there any way to do this using only ES/Kibana? I guess I could build
something of my own to do it, but it would be nice to be able to combine
QUERY_1 and QUERY_2 into one single query. Any ideas, or could you point me
to some tutorial/guide on how to do this?
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/952d8d61-64ea-41d5-a8c4-a8ec40cf098c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.