Hi,
I'm struggling trying to produce a query and I hope someone here can help out. What I'm trying to do is the following:
I have 2 indexes, one called "Malware" and one called "AssetData". The Malware index contains all assets that have or might have an infection, and the AssetData contains all asset data of all devices. The Malware index contains the FQDN of a device, and the AssetData contains the NETBIOS name of a device. I can replace this by using rex, to make sure both fields match.
The name of the field containing the same data is called "hostname" in the Malware index, and is called "Asset_Tag" in the other index.
I'd like to create a report/statistics table, joining data from both indexes together. The Malware index should be leading, with the AssetData index data being added to the results.
Thanks for your help!
... View more