0bd2042c38
The Elasticsearch schema was updated to make the file portion of tags the basename of filename. This allows us to use tags to filter for files with a common basename instead of searching with globs in the filename field. This should be more performant and easier to read. Change-Id: I8fe36c56309ea851afd63f08f65583008fa4857f
5 lines
94 B
YAML
5 lines
94 B
YAML
query: >
|
|
message:"HTTP/1.0 503"
|
|
AND tags:"syslog.txt"
|
|
AND syslog_program:"proxy-server"
|