I'm currently getting this results
message1 | 2022-06-09 | 250
message1 | 2022-06-08 | 300
message2 | 2022-06-09 | 400
message2 | 2022-06-08 | 200
And my current setting is like this
What do I need to add here to just get the dates with the highest count like tis
message1 | 2022-06-08 | 300
message2 | 2022-06-09 | 400
Hello,
So your interval is daily and you are seeing results for that. I am not sure how to tweak this? I will buzz you back.
Thanks,
Bhavya
There is no such function to filter date histogram buckets.
One option is to create a runtime field to calculate the date of @timestamp and then use terms aggregation with size 1 on that runtime field.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
