DSL range query

Hi all,

I am using Elasticsearch to analyze Syslog data.

I want to filter logs between two timestamps on a given day. I have used the following DSL query to do that in Kibana, but it is not giving the exact result I want.

{ "query": { "range": { "Log_Time": { "gte": "09:24:31", "lte": "10:25:31" } } } }

The problem is, the query does not match the time field as a complete unit but matches each segment separately. For example, the above query also matches a log with the following, because of the 24 field, which it shouldn't:

Log_Time : 11:24:35

Please help me to resolve this...

Thanks in advance,
Billz

This looks like "Log_Time" is not mapped/indexed as a date field with a format that matches your query format (something like "HH:mm:ss") but as a text field. You can check this using the "_mapping" API. To be able to search date ranges like you seem to be trying to, you need a date field.
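The check and fix described in the reply above, written out as an added example in Kibana Dev Tools console syntax (not part of the original thread). The index names `syslog` and `syslog-v2` are assumptions, as is Elasticsearch 7 or later (typeless mappings); `Log_Time` and the time values come from the question.

```console
# 1. Inspect how Log_Time is currently mapped (index name "syslog" is assumed).
#    A "type" of "text" or "keyword" means the range is evaluated on strings,
#    not on time values.
GET /syslog/_mapping

# 2. The type of an existing field cannot be changed in place, so create a new
#    index (assumed name "syslog-v2") that maps Log_Time as a date field with a
#    time-of-day format matching the values in the logs.
PUT /syslog-v2
{
  "mappings": {
    "properties": {
      "Log_Time": { "type": "date", "format": "HH:mm:ss" }
    }
  }
}

# 3. Copy the documents across so Log_Time is indexed under the new mapping.
#    Documents whose Log_Time does not parse as HH:mm:ss are rejected and
#    reported in the "failures" array of the response.
POST /_reindex
{
  "source": { "index": "syslog" },
  "dest":   { "index": "syslog-v2" }
}

# 4. The range query from the question, now compared as whole time values.
#    A log with Log_Time 11:24:35 falls outside this range.
GET /syslog-v2/_search
{
  "query": {
    "range": {
      "Log_Time": { "gte": "09:24:31", "lte": "10:25:31" }
    }
  }
}
```

A time-only field carries no day, so restricting results to a given day needs a separate filter on whichever field holds the date.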
