Hi, couldn't find a matching topic to continue so opening a new issue.
I am currently using ES version 7.6.2.
I have a list of similar json objects where one of each objects also contains a field timestamp. When I do a search query based on timestamp it works until the decimal but doesn't differentiate once timestamp has decimals. For example, if I am trying to match timestamp:1590754048418.2524, it will return all the matches where timestamp:1590754048418.xxxx.
To reproduce:
PUT my-index-000001
{
"mappings": {
"properties": {
"USER_LOGS": {
"type": "nested"
}
}
}
}
PUT my-index-000001/_doc/1
{
"group" : "fans",
"USER_LOGS":[
{
"severity":"INFO",
"message":"user message1",
"msg_timestamp":1590754048414.2043
},
{
"severity":"INFO",
"message":"user message2",
"msg_timestamp":1590754048418.2524
}
]
}
GET my-index-000001/_search
{
"query": {
"nested": {
"path": "USER_LOGS",
"query": {
"bool": {
"must": [
{ "match": { "USER_LOGS.severity": "INFO" }},
{ "match": { "USER_LOGS.message": "user message2" }},
{ "match": { "USER_LOGS.msg_timestamp": 1590754048414.2043 }}
]
}
}
}
}
}
In the GET my-index-000001/_search I am expecting an empty search but it still returns the doc/_1. I have started to think that ES just does not process the timestamps after decimals, is that an expected behavior or am I missing?
I want to pull the correct log messages stored at different times.
Thanks!