One of the functions of my Elasticsearch server is searching mail log files. I'm curious if it's possible to build a query which returns related queue IDs which don't necessarily include the original query term.
I.e., searching for "firstname.lastname@example.org" returns:
8DEB013F764: email@example.com, relay=blah, delay=0.47, delays=0.13/0/0.23/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as F2DBE12D4F8_6FD99CDF)
I'd like a query able to search for "firstname.lastname@example.org" and then return all results with their queuid term matching "8DEB013F764":
8DEB013F764: email@example.com, relay=somewhere:25, delay=0.47, delays=0.13/0/0.23/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as F2DBE12D4F8_6FD99CDF)
8DEB013F764: from=, size=66409, nrcpt=1 (queue active)
All of the individual fields are already grok't into their own terms. Any advice on making the query work is much appreciated. : )
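One way to get this result is a two-pass lookup, sketched here as an added example that is not part of the original post: a terms aggregation collects the queue IDs of lines matching the address, then a terms query fetches every line with those IDs. The field names `recipient` and `queue_id` (indexed as a keyword), the sample documents, and the in-memory `run_local` stand-in for the cluster are assumptions.

```python
# Added example. Field names "recipient" and "queue_id" are assumptions;
# DOCS is constructed sample data modelled on the log lines in the post.
DOCS = [
    {"queue_id": "8DEB013F764", "recipient": "firstname.lastname@example.org", "status": "sent"},
    {"queue_id": "8DEB013F764", "size": 66409, "nrcpt": 1},
    {"queue_id": "0A1B2C3D4E5", "recipient": "someone.else@example.org", "status": "sent"},
]

def pass_one(address, max_ids=1000):
    """Body for pass 1: match the address, return only the distinct queue IDs."""
    return {
        "size": 0,  # no hits needed, only the aggregation buckets
        "query": {"match_phrase": {"recipient": address}},
        "aggs": {"qids": {"terms": {"field": "queue_id", "size": max_ids}}},
    }

def queue_ids(response):
    """Pull the bucket keys out of a terms-aggregation response."""
    return [b["key"] for b in response["aggregations"]["qids"]["buckets"]]

def pass_two(qids):
    """Body for pass 2: every log line carrying one of those queue IDs."""
    return {"query": {"terms": {"queue_id": qids}}}

def run_local(body, docs):
    """Tiny in-memory stand-in for the cluster so the example runs offline."""
    query = body["query"]
    if "match_phrase" in query:
        (field, value), = query["match_phrase"].items()
        hits = [d for d in docs if value in d.get(field, "")]
    else:
        (field, values), = query["terms"].items()
        hits = [d for d in docs if d.get(field) in values]
    counts = {}
    for d in hits:
        counts[d["queue_id"]] = counts.get(d["queue_id"], 0) + 1
    buckets = [{"key": k, "doc_count": n} for k, n in counts.items()]
    return {"hits": {"hits": [{"_source": d} for d in hits]},
            "aggregations": {"qids": {"buckets": buckets}}}

def related_lines(address, docs):
    """Two-pass lookup: address -> queue IDs -> all lines for those IDs."""
    qids = queue_ids(run_local(pass_one(address), docs))
    if not qids:
        return []
    return [h["_source"] for h in run_local(pass_two(qids), docs)["hits"]["hits"]]
```

Against a real cluster, the bodies from `pass_one` and `pass_two` would be sent as two consecutive search requests in place of `run_local`.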