Hi community!!!
I want to create a request that transmits all the documents for the last 15 min to me.
Any advice will be highly appreciated!!!
The easiest way would be to do a date range query.
@warkolm
Thanks, but how can I ask Elasticsearch to do this?
I have my documents like this:
curl -XPUT localhost:9200/indexname/documentname/4 -d'
{
  "user": "sergey",
  "onlineUserCount": "43"
}'
I want to display all the documents that come to Elasticsearch for the last 15 minutes.
I've searched like this:
$ curl -XGET localhost:9200/indexname/documentname/_query -d'{
"query":{
"range":{
"timestamp":{
"gt": "now -15m"
}}}}'
But it gave me nothing!!!
You need to use the _search endpoint in your request, not the _query endpoint.
@dantuff
Thx for the reply. Is it possible to get what I want without a timestamp?
Or do I have to enable the timestamp if I want to request all documents for the last 15 minutes?
Yes, take a look here:
https://www.elastic.co/guide/en/elasticsearch/reference/current/mapping-timestamp-field.html
I can't understand: does Elasticsearch create a date field automatically or not? If it does, how can I add the range without a timestamp?
If you enable the _timestamp, it will create the field. Here's a simple example. Create your index with _timestamp enabled.
POST /demo
{
  "mappings": {
    "_default_": {
      "_timestamp": {
        "enabled": true
      }
    }
  }
}
Index a document:
POST /demo/doc/1
{
  "name": "test"
}
Now execute the range query and the document is returned:
POST /demo/_search
{
  "query": {
    "range": {
      "_timestamp": {
        "gt": "now-15m"
      }
    }
  }
}