DSL range quesry

Billz1026 · April 30, 2020, 6:57am

Hi all,

I am using Easticsearch to analyze Syslog data.

I want to filter logs between two time stamps on a given day. I have used following DSL query to do that in Kibana but, it is not giving the exact result I want.

{ "query": { "range": { "Log_Time": { "gte": "09:24:31", "lte": "10:25:31" } } } }

The problem is, query does not match the time field as a complete unit but matching each segment each element separately. For an example, above query matches a log with following as well because of 24 field which is it shouldn't

Log_Time : 11:24:35

Please help me to resolve this...

Thanks in advance,
Billz

cbuescher · April 30, 2020, 9:49am

This looks like "Log_Time" is not mapped/indexed as a date field with a format that matches your query format (something like "HH:mm:ss") but as a text field. You can check this using the "_mapping" API. To be able to search date ranges like you seem to try, you need a date field.

system · May 28, 2020, 9:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filtering by date and time as different fields Elasticsearch	10	13311	July 5, 2017
Date filter is not working in kibana using DSL query Kibana	6	2489	June 1, 2019
Date query Elasticsearch	3	406	July 6, 2017
How to search by time ranges (indexed field) Elasticsearch	4	746	July 5, 2017
Elastic Search Date Range queries Elasticsearch	2	439	July 6, 2017

DSL range quesry

Related topics