0bd2042c38
The Elasticsearch schema was updated to make the file portion of tags the basename of filename. This allows us to use tags to filter for files with a common basename instead of searching with globs in the filename field. This should be more performant and easier to read. Change-Id: I8fe36c56309ea851afd63f08f65583008fa4857f
5 lines
131 B
YAML
5 lines
131 B
YAML
query: >
|
|
message:"ERROR with Account server 127\.0\.0\.1\:6012\/sdb1" AND
|
|
message:"Connection refused" AND
|
|
tags:"syslog.txt"
|