Are would the logstash debug output be okay, or are you asking for something else?
Obviously I am new at this. Thanks, Rod On Monday, December 15, 2014 1:03:07 PM UTC-5, Sachin Divekar wrote: > > Hi, > > Can you share some sample data and desired output? > > Sachin Divekar > > On Mon, Dec 15, 2014, 10:00 PM Rod Clayton <[email protected] > <javascript:>> wrote: > >> I have loaded login data into Elasticsearch using Logstash. >> >> I have fields: username retcd workstation. >> >> I want to query and get a count of failed logon requests by username and >> workstation on a given day. >> >> The indexes are named like logstash-2014.11.18. >> >> What would a query for this look like on the day listed above? >> >> Thanks, >> Rod >> >> -- >> You received this message because you are subscribed to the Google Groups >> "elasticsearch" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/elasticsearch/dd8ca3ed-c9e6-478a-ad77-9418e5822296%40googlegroups.com >> >> <https://groups.google.com/d/msgid/elasticsearch/dd8ca3ed-c9e6-478a-ad77-9418e5822296%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/bc68c3ae-dba2-4bbb-a873-8ded53c49874%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
