Still confused probably both can be used to quickly query for a specific attribute. Does this mean I should only add fields when I do not need to do conditionals in my filter? Otherwise if i just need to quickly search I can do it through a field? Or if my purpose is to find an event, on say kibana, I should use a field or tag? Thanks
Mike