Distinct values of one field based on date range

Rohlik · December 1, 2020, 9:17am

Hello community ,
I struggling with Elasticsearch query and sadly I cannot get correct response.
What I want is get unique/disctinct values for specific field in last X minutes.
I have something like this:

    GET my-index*/_search
    {
      "size": 0,
      "query": {
        "range": {
          "@timestamp": {
            "gt": "now-15m"
          }
        }
      },
      "aggs": {
        "Data": {
          "terms": {
            "field": "name"
          }
        }
      }
    }

I got this response:

    {
      "took" : 50,
      "timed_out" : false,
      "_shards" : {
        "total" : 128,
        "successful" : 128,
        "skipped" : 0,
        "failed" : 0
      },
      "hits" : {
        "total" : {
          "value" : 10000,
          "relation" : "gte"
        },
        "max_score" : null,
        "hits" : [ ]
      },
      "aggregations" : {
        "Data" : {
          "doc_count_error_upper_bound" : 0,
          "sum_other_doc_count" : 0,
          "buckets" : [ ]
        }
      }
    }

As you can see, there is no related output. What is wrong with my query?
Thank you.

Rohlik · December 10, 2020, 5:33pm

BUMB!
Nobody?

system · January 7, 2021, 5:33pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Get newest value per distinct field Elasticsearch	3	1051	August 12, 2020
How do I first do a timerange filter on date field then extract distinct elements of another field? Elasticsearch	2	352	June 3, 2019
Querying the distinct values from ES index Elasticsearch	10	527	January 30, 2019
DISTINCT values DSL query Elasticsearch	3	9526	May 18, 2022
How to get all unique values of a field for a single index? Elasticsearch	1	1541	February 14, 2020

Distinct values of one field based on date range

Related topics