forked from ElasticSearchCLITools/esTail
default.search
{
"index": "{{index}}",
"scroll": "30s",
"search_type": "dfs_query_then_fetch",
"size" : {{fetchsize}},
"body": {
"query": {
"bool": {
"must": [
{
"range": {
"timestamp": {
"gt": "{{from}}",
"to": "now"
}
}
},
{
"query_string": {
"query": "@log_name:{{app}}.log",
"analyze_wildcard": true
}
}
],
"must_not": [
{
"constant_score": {
"filter": {
"missing": {
"field": "message"
}
}
}
},
{
"constant_score": {
"filter": {
"missing": {
"field": "timestamp"
}
}
}
}
],
"should": []
}
},
"sort": [{
"timestamp": {
"order": "asc",
"ignore_unmapped": true
}
}]
}
}