Show Menu

Kibana Cheat Sheet by

kibana

Query

Match field
field1­:"qu­ery­_te­rm"
Field contains A or B
field1­:(term1 OR term2)
Field contains A and B
field1­:(term1 AND term2)
Field missing
_missi­ng_­:field
Field exists
_exist­s_:­title

Wilcards

Single character
?
Multiple characters
*
Fuzzy
~
Be careful with the * wildcard. It can create gigantic queries

Grouping

Basics
(term operator term) operator term
Boolean logic combined with brackets
Example: Must contain either or both term1/­term2 and term3
(term1 OR term2) AND term3
 

Boolean Operations

Must be Present
+
Must not be present
-
And
AND &&
or
OR ||
Not
NOT !

Ranges

1 to 5, including 1 and 5
[ 1 TO 5 ]
1 to 5, excluding 1 and 5
{ 1 TO 5 }
1 to 5, including 1, excluding 5
[1 to 5}
All days in 2012
[2012-­01-01 TO 2012-1­2-31]
Larger then 3
>3
Smaller then 3
<3
Larger or equal to 3
>=3
Smaller or equal to 3
<=3

Reserved characters

Reserved
+ - = && || > < ! ( ) { } [ ] ^ " ~ * ? : \ /
Break character
\
For instance, to search for (1+1)=2, you would need to write your query as \(1\+1­\)\=2

Download the Kibana Cheat Sheet

1 Page
//media.cheatography.com/storage/thumb/swaglord_kibana.750.jpg

PDF (recommended)

Alternative Downloads

Share This Cheat Sheet!

 

Comments

No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets