Hello,
I have an ES cluster set up. We are using Logstash to structure our log lines and to ingest them into Elasticsearch.
We've got indexes with multiple fields, two of which are:
"syslog_message" - {"type": text},
"log_file_name" - {"type": text}
I want to search for log files (distinct "log_file_name") that have either "abc" OR "xyz" present in the "syslog_message" field.
How can I do that? I tried using different aggregations but got confused.
Also, is it possible to search using Kibana?
Thanks,
Yogendra
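One way to express the query the post asks for, added here as an illustration and not code from the original thread: an OR over the two strings in the query clause, no hits returned, and a terms aggregation that yields one bucket per distinct log_file_name among the matching documents. The index pattern `logstash-*`, the `.keyword` sub-field on log_file_name (a terms aggregation cannot run on a plain text field; the Logstash default template adds this sub-field, but check your mapping) and the sample documents are assumptions made for the example. The second half is a small offline reference that mimics what the `match` query does on analyzed text, so the expected result can be seen without a cluster.

```python
import json

# Assumed names for illustration (not from the original post).
INDEX_PATTERN = "logstash-*"
TEXT_FIELD = "syslog_message"
FILE_FIELD = "log_file_name"
FILE_KEYWORD_FIELD = FILE_FIELD + ".keyword"   # assumed keyword sub-field


def build_query(terms, bucket_size=500):
    """Request body for POST /<index>/_search.

    bool/should with minimum_should_match=1 is the OR; size 0 suppresses
    the hits; the terms aggregation returns one bucket per distinct
    log_file_name value seen in the matching documents, with a count.
    """
    return {
        "size": 0,
        "query": {
            "bool": {
                "should": [{"match": {TEXT_FIELD: t}} for t in terms],
                "minimum_should_match": 1,
            }
        },
        "aggs": {
            "files": {
                "terms": {"field": FILE_KEYWORD_FIELD, "size": bucket_size}
            }
        },
    }


def distinct_files_from_response(resp):
    """Map distinct file name -> number of matching lines, taken from the
    aggregation section of the search response for the body above."""
    buckets = resp["aggregations"]["files"]["buckets"]
    return {b["key"]: b["doc_count"] for b in buckets}


# Constructed sample documents, used only by the offline reference below.
SAMPLE_DOCS = [
    {"log_file_name": "/var/log/auth.log",
     "syslog_message": "session opened for user abc"},
    {"log_file_name": "/var/log/auth.log",
     "syslog_message": "abc: authentication failure"},
    {"log_file_name": "/var/log/syslog",
     "syslog_message": "xyz daemon restarted"},
    {"log_file_name": "/var/log/kern.log",
     "syslog_message": "eth0: link up"},
    {"log_file_name": "/var/log/cron",
     "syslog_message": "abcdef job started"},
]


def reference_distinct_files(docs, terms):
    """Offline approximation of what the body above returns.

    A match query on a text field compares whole analyzed tokens, so "abc"
    matches "abc:" (the standard analyzer drops the punctuation) but not
    "abcdef"; a substring hit would need a wildcard or query_string query.
    The tokenizer here is a simplification of the standard analyzer.
    """
    wanted = {t.lower() for t in terms}
    counts = {}
    for d in docs:
        tokens = {tok.strip(".,:;!?").lower() for tok in d[TEXT_FIELD].split()}
        if tokens & wanted:
            counts[d[FILE_FIELD]] = counts.get(d[FILE_FIELD], 0) + 1
    return counts


if __name__ == "__main__":
    body = build_query(["abc", "xyz"])
    # Send with:  curl -s -H 'Content-Type: application/json' \
    #   "http://localhost:9200/logstash-*/_search" -d @body.json
    print(json.dumps(body, indent=2))
    print(reference_distinct_files(SAMPLE_DOCS, ["abc", "xyz"]))
```

Two caveats a practitioner will hit: the terms aggregation's `size` caps the number of buckets (raise it, or page with a composite aggregation when there are many files), and if you only need the number of distinct files, a `cardinality` aggregation on the same keyword field is cheaper than listing them. In Kibana the same search is the KQL filter `syslog_message : (abc or xyz)` in Discover; to get the distinct file names, build a Data Table (or Lens table) on that filter with a Terms bucket on `log_file_name.keyword`.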