Aggregations - Alerting Plugin


Ana Coelho

Dec 1, 2022, 7:48:50 AM
to OpenSearch
I want to know how I can put the full log from the event in aggregation, because the full log is not a field. I know how I can put, for example, the agent.name, but full log, I don't know.

Example: 

"aggregations": {
  "agent.name": {
    "terms": {
      "field": "agent.name",
      .....