elasticsearch logstash syslog kibana-4 elasticsearch-2.0

Kibana Discover: filter errors, exceptions

I'm using Kibana Discover for filtering messages with different Severity levels.

According to RFC-3164 it may be done using formula:

i * 8 + <severity_level> = syslog_pri

Using this information I can filter errors with severity_level=3 using something like this:

# Here is some Python code to extract list of PRI's for errors:
[i*8 + 3 for i in range(24)]

syslog_pri: in (3, 11, 19, 27,...)

The question is: How to check IN condition in Kibana's search string?

Solution

The syntax from Kibana search bar should be the same as the one from query_string. Something like the following should work:

syslog_pri: (3 OR 11 OR 19 OR...)

What is the difference between CONTAINS and WITHIN on Elasticsearch GeoShape queries?
How to log using serilog to elasticsearch with Elastic.Serilog.Sinks in .net application
What's "EIO: i/o error, write" in node.js and how do I eliminate it?
Kibana has strict security requirements enabled that your current browser does not meet
What's the difference between search-as-you-type and context suggester?
Convenient time string parsing in python
ElasticSearch in Spring with @Query
What is the best practice for ensuring idempotency for downloading a binary with Ansible?
Logstash install error: can't get unique system GID (no more available GIDs)
Can't configure elastic search with spring boot in docker network
`index_prefixes` in OpenSearch?
How to get latest values for each group with an Elasticsearch query?
What does it mean when an Elasticsearch index has yellow health?
Is it possible to transfer data from Redshift to Elasticsearch?
How elastic queries work with contradicting statements
Can filebeat dissect a log line with spaces?
How to undo setting Elasticsearch Index to readonly?
Date range filter not getting excluded from date histogram under global aggregations in elastic query
"United States" not ["United","States"]
Get all field names in an index elasticsearch python
How to really reindex data in elasticsearch
elasticsearch match_phrase returns same score for fields with exact and not exact match
inner_hits aggregations in ElasticSearch
Sorting a reverse nested back to parent aggregation
Elasticsearch: how to list roles assigned to the current SSO user via role mappings
How to setup password for elasticsearch users?
OpenSearch prevent script_score from running more than once
Elasticsearch intermittently killed
Elasticsearch: Job for elasticsearch.service failed
problem with adding new node to elasticsearch cluster