Last active
December 4, 2018 09:34
-
-
Save zverbatim/7163918d980ff849da851e991dd3e90e to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Kibana search criteria: | |
| ------------------------------------------------------ | |
| type: http | |
| http transition only | |
| http.response.headers["content-type"]: *json | |
| regex operator | |
| responsetime: [10 TO *] | |
| range with 10 including | |
| responsetime: {10 TO *} | |
| range that does not include 10 | |
| NOT type: mysql | |
| except | |
| mysql.method: SELECT AND mysql.size: [10000 TO *] | |
| all MySQL SELECT queries with large attachments: | |
| (mysql.method: INSERT OR mysql.method: UPDATE) AND responsetime: [30 TO *] | |
| can use () | |
| lang:(en OR es) | |
| in condition for terms | |
| +_type:event +_missing_:foo -duration:[10 to *] | |
| + = must | |
| - = must not | |
| _missing_ = the field that does not exists in the document |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment