Distinct values of one field based on date range

Rohlik · December 1, 2020, 9:17am

Hello community ,
I struggling with Elasticsearch query and sadly I cannot get correct response.
What I want is get unique/disctinct values for specific field in last X minutes.
I have something like this:

    GET my-index*/_search
    {
      "size": 0,
      "query": {
        "range": {
          "@timestamp": {
            "gt": "now-15m"
          }
        }
      },
      "aggs": {
        "Data": {
          "terms": {
            "field": "name"
          }
        }
      }
    }

I got this response:

    {
      "took" : 50,
      "timed_out" : false,
      "_shards" : {
        "total" : 128,
        "successful" : 128,
        "skipped" : 0,
        "failed" : 0
      },
      "hits" : {
        "total" : {
          "value" : 10000,
          "relation" : "gte"
        },
        "max_score" : null,
        "hits" : [ ]
      },
      "aggregations" : {
        "Data" : {
          "doc_count_error_upper_bound" : 0,
          "sum_other_doc_count" : 0,
          "buckets" : [ ]
        }
      }
    }

As you can see, there is no related output. What is wrong with my query?
Thank you.

Rohlik · December 10, 2020, 5:33pm

BUMB!
Nobody?

system · January 7, 2021, 5:33pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Get newest value per distinct field Elasticsearch	3	1048	August 12, 2020
DISTINCT values DSL query Elasticsearch	3	9281	May 18, 2022
Count distinct by date Elasticsearch	3	821	October 28, 2019
Returning Distinct Values in a query Elasticsearch	2	4780	September 27, 2019
Get latest documents where field is distinct Elasticsearch	4	3695	June 15, 2017

Distinct values of one field based on date range

Related Topics