Hi everyone,
I'm running the following query via the Kibana Dev Tools tab:
GET _search
{
"query": {
"bool": {
"must": {
"match":{
"event.name":"client.player_start"
}
},
"filter":{
"range":{
"@timestamp":{
"gte":"2018-03-15",
"lte":"2018-03-16"
}
}
}
}
}
}
Which returns:
{
"took": 51,
"timed_out": false,
"_shards": {
"total": 486,
"successful": 486,
"failed": 0
},
"hits": {
"total": 67,
"max_score": 2.7472708,
"hits": [
{
And then it lists the 67 documents.
However when I run what I believe is exactly the same thing in Kibana's Discover tab... I get 64 documents. This discrepancy is also present when running on different timeframes, different search terms, etc. I get larger # of document discrepancies when running larger queries.
My thoughts:
Maybe I'm screwing up my gte and lte days? Not sure.
Perhaps there is an issue here with timezones? Perhaps Kibana is using my local time (GMT-8) where the console query is using something different?
I am using Timestamp in the query and Kibana is using the "Time" field, but not sure what the time field is called, however as you can see the values are the same to the millisecond.
Thank you for your help. If you have any advice on my queries, please let me know.
This is running on version 5.5