I'm new to ElasticSearch and may have a really stupid question, but anyway, for the last several hours I have been unable to find a solution for my relatively typical situation:
Let's say I have logs from a backend application with different types of user events: Registration, New Connections, other actions.
Using Logstash I push all this data to ElasticSearch and want to make a filter to find user actions by registration parameters.
How can I make nested (I can't tell if this is the right word for it) filters?
- I want to find userIDs by a specific Location (GeoIP) of Registration.
- And then I want to see user action lines filtered using these userIDs and action type (let's say Logout).