I have a search query that shows server health status.

The servers are hard-coded in the search query, currently.

But, I want have the server data read from a JSON file.

JSON data:

hosts: 
  - name: server_1.company.com
  - name: server_2.company.com
  - name: server_3.company.com
  - name: server_4.company.com

Search Query:

index=app_* 

| WHERE host IN ("server_1", "server_2", "server_3", "server_4")

| eval server_status=case( 
                  match(_raw, "HTTP/1.1" 200"), "OK",
                  match(_raw, "HTTP/1.1" 404"), "NOT OK",
                  true(), "ERROR")

| eval server_type=case(host IN ("server_1", "server_2", "server_3", "server_4"), "processor")  

| table _time, host, server_status, server_type