I have to search for two logs from same index using different time range. For example one eventtype is "login" and the other eventtype is "breach". In a single search i need to search for both eventtypes. But when i do a search for last 4 hrs, it should search eventtype "breach" for last 4 hrs and eventtype "login" for last 8 hrs. Anyone can help me in this?
↧