DSL range quesry

Billz1026 · April 30, 2020, 6:57am

Hi all,

I am using Easticsearch to analyze Syslog data.

I want to filter logs between two time stamps on a given day. I have used following DSL query to do that in Kibana but, it is not giving the exact result I want.

{ "query": { "range": { "Log_Time": { "gte": "09:24:31", "lte": "10:25:31" } } } }

The problem is, query does not match the time field as a complete unit but matching each segment each element separately. For an example, above query matches a log with following as well because of 24 field which is it shouldn't

Log_Time : 11:24:35

Please help me to resolve this...

Thanks in advance,
Billz

cbuescher · April 30, 2020, 9:49am

This looks like "Log_Time" is not mapped/indexed as a date field with a format that matches your query format (something like "HH:mm:ss") but as a text field. You can check this using the "_mapping" API. To be able to search date ranges like you seem to try, you need a date field.

system · May 28, 2020, 9:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date filter is not working in kibana using DSL query Kibana	6	2426	June 1, 2019
DSL range query omits valid hits Elasticsearch	1	372	January 3, 2019
Time range search fails Elasticsearch	8	647	July 6, 2017
Splunk equivalent for _index_earliest and _index_latest Kibana	8	1474	July 6, 2017
Time of Day filter Kibana	5	4015	March 5, 2021

DSL range quesry

Related topics