Hi,
Thanks for your amazing job.
I have a use case that needs to export data with a given raw query like this:
{
  "query": {
    "query_string": {
      "query": "source : x.x.x.x "
    }
  },
  "fields": [
    "@timestamp",
    "source.address",
    "user.id"
  ],
  "_source": false
}
How can I do this? Can you give a sample?
Thanks in advance.