SQL and PPL support by AWS elasticsearch (Open distro for ES)

Hits: 2

AWS elasticsearch now supports standard SQL syntax. For the system admins, it also supports PPL (Pipe Processing Language). Here is an example of both:

select userAgent, eventID from newcwl where requestParameters.bucketName.keyword like ‘web%’ and (eventName.keyword like ‘PutObject%’ OR eventName.keyword like ‘UploadPartCopy%’ OR eventName.keyword like ‘UploadPart%’) ;

And this is PPL syntax:

search source=newcwl eventSource.keyword=’s3.amazonaws.com’ | where eventName.keyword like ‘PutObject%’ or eventName.keyword like ‘UploadPart%’ or eventName.keyword like ‘UploadPartCopy%’ | where requestParameters.bucketName.keyword like “web%” | fields userAgent, eventID

This is really a great feature. I was looking for something like this for years!

Powered by WPeMatico

Antes de continuar con la Información de ANDROID-TV:

Solicita tu demo Gratis de KAXTV IPTV aquí

https://chat.whatsapp.com/C3xhSt8dP62IhDFGldwwcN