I have a log file stored in Elasticsearch, where a document is a single line of the file. Blocks of messages start and end with certain keywords. I want to get all documents between documents containing these keywords. Is there a way to leverage the range query/range filter in Elasticsearch to query for text fields?
Sample log file:
...
...
xyz foo "keyword1" .....
..
....
...
xyz bar "keyword2" .....
..
..
I'd like to query all documents between "keyword1" and "keyword2", including the documents containing the keywords themselves. Assume that there are multiple such blocks with "keyword1" and "keyword2".
Additionally, I'm updating the documents containing these keywords with a new field test_field, which contains these keywords as values. Can this new field be used in range filters to achieve the above task?
Elasticsearch fields: _source: { "log_line", "test_field" }
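One way to approach this, as an added example that is not part of the original question: a `range` query on a text or keyword field compares term strings lexicographically, so "between the line containing keyword1 and the line containing keyword2" cannot be expressed on `log_line` or `test_field` alone. What can be expressed is a range over file position, so the example assumes each document also carries an integer `line_number` field (an assumption, not in the original post). It first locates the marker lines with a `term` query on `test_field`, pairs each `keyword1` with the next `keyword2`, then issues a numeric `range` filter per block. The documents and the tiny local evaluator are constructed so the block runs offline; the query bodies are standard Elasticsearch query DSL.

```python
"""Added example: recovering keyword1..keyword2 blocks via a numeric
line_number field plus Elasticsearch range queries.

Assumptions not in the original question: every indexed document has an
integer `line_number` giving its position in the file. Field names
`log_line`/`test_field` and the markers keyword1/keyword2 follow the question.
"""

# Constructed sample index: one dict per log line, as in the question.
SAMPLE_DOCS = [
    {"line_number": 1, "log_line": "boot ok"},
    {"line_number": 2, "log_line": 'xyz foo "keyword1" start A', "test_field": "keyword1"},
    {"line_number": 3, "log_line": "inside A"},
    {"line_number": 4, "log_line": 'xyz bar "keyword2" end A', "test_field": "keyword2"},
    {"line_number": 5, "log_line": "noise between blocks"},
    {"line_number": 6, "log_line": 'xyz foo "keyword1" start B', "test_field": "keyword1"},
    {"line_number": 7, "log_line": "inside B"},
    {"line_number": 8, "log_line": "inside B too"},
    {"line_number": 9, "log_line": 'xyz bar "keyword2" end B', "test_field": "keyword2"},
    {"line_number": 10, "log_line": "tail"},
]


def marker_query(keyword):
    """Query DSL that finds marker lines by exact value of test_field
    (a keyword-typed field), returned in file order."""
    return {
        "query": {"term": {"test_field": keyword}},
        "sort": [{"line_number": "asc"}],
        "_source": ["line_number"],
    }


def block_query(start_line, end_line):
    """Range filter on the numeric line_number; this is what a range
    "between two text lines" reduces to once file position is indexed."""
    return {
        "query": {"bool": {"filter": [
            {"range": {"line_number": {"gte": start_line, "lte": end_line}}}
        ]}},
        "sort": [{"line_number": "asc"}],
    }


def pair_markers(starts, ends):
    """Pair each keyword1 line with the first keyword2 line after it.
    A keyword1 with no later, unused keyword2 is reported as (start, None)
    instead of silently swallowing the rest of the file."""
    pairs, remaining = [], sorted(ends)
    for s in sorted(starts):
        nxt = next((e for e in remaining if e > s), None)
        pairs.append((s, nxt))
        if nxt is not None:
            remaining = [e for e in remaining if e > nxt]  # an end marker closes one block only
    return pairs


def run_local(docs, body):
    """Offline stand-in for the _search endpoint: supports only the two
    query shapes built above (term, and bool/filter/range)."""
    q = body["query"]
    if "term" in q:
        (field, value), = q["term"].items()
        hits = [d for d in docs if d.get(field) == value]
    else:
        (field, bounds), = q["bool"]["filter"][0]["range"].items()
        hits = [d for d in docs if bounds["gte"] <= d[field] <= bounds["lte"]]
    return sorted(hits, key=lambda d: d["line_number"])


def blocks(docs):
    """Return the line numbers of each closed keyword1..keyword2 block,
    markers included; unterminated blocks are skipped."""
    starts = [h["line_number"] for h in run_local(docs, marker_query("keyword1"))]
    ends = [h["line_number"] for h in run_local(docs, marker_query("keyword2"))]
    result = []
    for s, e in pair_markers(starts, ends):
        if e is None:
            continue  # unterminated block starting at line s
        result.append([h["line_number"] for h in run_local(docs, block_query(s, e))])
    return result


if __name__ == "__main__":
    for b in blocks(SAMPLE_DOCS):
        print(b)
```

Against a real cluster, `marker_query` and `block_query` are the bodies you would send to `_search`; only `run_local` is a stand-in. Two marker searches plus one range search per block is the cost of this approach, and the `(start, None)` case from `pair_markers` is the one to watch in practice, since a truncated or interleaved log gives a `keyword1` with no matching `keyword2`.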