CarstenJ
Reputation: 33
ELK queries - multiple query params
I'm using an ELK stack to visualize data from server log files. I have a parameter called "_type" and it's unique for each server. It's all working fine, and I can do a (URL) query like:
query:(query_string:(analyze_wildcard:!t,query:'_type:server1'))
But I can't figure out how to have two (or more) "_type" parameters in my query. I would like to see "_type=server1" and "_type=server2" in the same chart.
Isn't that possible?
Thanks!
Upvotes: 1
Views: 979
Answers (1)
Andrei Stefan
Reputation: 52368
Try with query:'_type:server1 OR _type:server2'. Relevant documentation section here.
Upvotes: 2
Related Questions
- How to Analyze logs from multiple sources in ELK
- Scala Elasticsearch query with multiple parameters
- Search Multiple Fields in Kibana /ElasticSearch
- GoLang, elasticsearch multiple query parameters
- Combining QueryParameters in ElasticSearch Java APi
- Config logstash: multiple input
- Elasticsearch combining queries
- Query multiple strings in a field in kibana3?
- Combine logs and query in ELK
- separate indexes on logstash