A few days ago I was playing around with Elasticsearch and the possibilities of earlier query termination. This was one of the requirements for a user I talked to, and we wanted to know all the possibilities we have in the newest version of Elasticsearch available at the given moment (1.5.0). This post will quickly go through those possibilities.
While I was updating my DevOps Days Warsaw 2014 talk (slides), I decided it may be good to show how to use multiple filters in Logstash, for example grok combined with the geoip filter, which will enhance our log files with the location of visitors to our site. So if you are interested in that, and later in how to use Kibana 4 to visualize that data, I hope you will find the post useful.