I’ve been asked a few times on how best to search for events which may  contain many different discrete values for a field. It’s essentially using an OR (disjunctive search) in the search language. For example, you can do this:
sourcetype=my_sourcetype (planet=mars OR planet=earth OR planet=saturn)
This works fine for a finite case where you only have [...]