-
Notifications
You must be signed in to change notification settings - Fork 5
/
example_curl_queries.txt
51 lines (47 loc) · 1.13 KB
/
example_curl_queries.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
curl -XGET 'http://172.17.0.2:9200/logstash*/_search?pretty' -d '{
"size" : 0,
"filter": {
"match" : {
"message" : "FAILED"
}
},
"aggs" : {
"ips" : {
"terms": { "field" : "remoteIP" }
}
}
}'
curl -XGET 'http://172.17.0.2:9200/logstash*/_search?size=1&pretty' -d '{
"query": {
"match" : {
"message" : "FAILED"
}
}
}'
curl -XGET 'http://172.17.0.2:9200/logstash*/_search?size=1&pretty' -d '{
"filter": {
"match" : {
"message" : "FAILED"
}
}
}'
curl -XGET 'http://172.17.0.2:9200/logstash*/_search?pretty' -d '{
"filter": {
"bool": {
"must": {
"range" : {
"@timestamp" : {
"gte": "2016",
"lte": "01/04/2016",
"format": "dd/MM/yyyy||yyyy"
}
}
},
"must_not": { "prefix": { "remoteIP": "127.0.0" }},
"should": [
{ "match": { "message": "FAILED login" }},
{ "match": { "message": "SUCCESS login"}}
]
}
}
}'