Hi!
I'm just starting to learn about ES and I have a question regarding 
recursive queries (I'm not sure that's the correct term for what I'm trying 
to do...).
I'm using Logstash to index logs from multiple sources, and Kibana to 
perform queries/visualization.

What I would like to do is this:

   1. Perform a query (QUERY_1) looking for a specific kind of log output, 
   for instance "Error application A".
   2. I expect to get a list of messages containing "Error application A"; 
   now I would like to get all variations of a field, let's say there's a 
   "host" field.
   3. Perform a new query (QUERY_2): "For each host returned from QUERY_1, 
   show messages with fieldX='asd'".
   
Is there any way to do this using only ES/Kibana? I guess I could build 
something of my own to do it, but it would be nice to be able to combine 
QUERY_1 and QUERY_2 into one single query. Any ideas, or could you point me 
to some tutorial/guide on how to do this?
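
The two-pass pivot described in steps 1 to 3, as an added example that is not part of the original post: QUERY_1 becomes a terms aggregation that returns only the distinct hosts, and QUERY_2 filters on that host list plus fieldX. It assumes the current Elasticsearch Query DSL, that the log text is in a `message` field, and that `host` is indexed as an exact-value (keyword) field; the sample response is constructed.

```python
import json

def build_query_1(phrase, host_field="host", max_hosts=1000):
    """QUERY_1: match the log phrase, return only the distinct hosts."""
    return {
        "size": 0,  # no hits needed, only the aggregation buckets
        "query": {"match_phrase": {"message": phrase}},  # "message" is an assumption
        "aggs": {"hosts": {"terms": {"field": host_field, "size": max_hosts}}},
    }

def hosts_from_response(resp):
    """Pull the distinct host values out of a terms-aggregation response."""
    agg = resp["aggregations"]["hosts"]
    # sum_other_doc_count > 0 means some hosts were cut off at `size`
    truncated = agg.get("sum_other_doc_count", 0) > 0
    return [b["key"] for b in agg["buckets"]], truncated

def build_query_2(hosts, field, value, host_field="host"):
    """QUERY_2: documents from those hosts where field == value."""
    if not hosts:
        # No hosts from QUERY_1 means QUERY_2 must match nothing.
        return {"query": {"match_none": {}}}
    return {
        "query": {"bool": {"filter": [
            {"terms": {host_field: sorted(set(hosts))}},
            {"term": {field: value}},
        ]}}
    }

# Constructed sample of the response shape returned for QUERY_1.
SAMPLE_RESPONSE = {
    "hits": {"total": {"value": 3}, "hits": []},
    "aggregations": {"hosts": {
        "doc_count_error_upper_bound": 0,
        "sum_other_doc_count": 0,
        "buckets": [{"key": "web-01", "doc_count": 2},
                    {"key": "web-03", "doc_count": 1}],
    }},
}

if __name__ == "__main__":
    print(json.dumps(build_query_1("Error application A"), indent=2))
    hosts, truncated = hosts_from_response(SAMPLE_RESPONSE)
    print(json.dumps(build_query_2(hosts, "fieldX", "asd"), indent=2))
```

If `truncated` comes back true, the host list is incomplete and QUERY_2 will silently miss hosts, so raise `max_hosts` before trusting the result.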
