Dev Tools
GET http-log/kong/_search
{
"query": {
"match": {
"request.uri": "/service"
}
},
"size": 0,
"aggs": {
"group": {
"terms": {
"field": "request.uri.keyword",
"size": 20
}
}
}
}
Output
"aggregations": {
"group": {
"doc_count_error_upper_bound": 0,
"sum_other_doc_count": 0,
"buckets": [
{
"key": "/service/3",
"doc_count": 8
},
{
"key": "/service/10",
"doc_count": 6
},
{
"key": "/service/26",
"doc_count": 2
},
{
"key": "/service/1",
"doc_count": 1
},
{
"key": "/service/2",
"doc_count": 1
}
]
}
}
The following keys
are all log data /service/${id}
generated by the same API, but they are divided into different keys and how do I match them together?
/service/3
/service/10
/service/26
/service/1
/service/2