Elastic SQL query to get data of today ONLY

Through an Elastic SQL query, how can I retrieve data belonging to today only?

I've tried:

select "@timestamp", today(), now(),
TimeOfLastReceivedUpdate
FROM "index*"
where
Name = 'value'
and
("@timestamp" >= today() AND "@timestamp" <= NOW())

We're based in Australia.
And today() and now() return
2020-06-04T10:00:00+10:00 and 2020-06-05T09:48:09+10:00

now is correct, today is yesterdays date.

So what would I put in my where clause to get data of today only? TimeOfLastReceivedUpdate is our own field, @timestamp is the ES field.

Thanks
Jaffar

• What version of ES are you on?
• How do you execute the query? JDBC? REST?
• Do you pass a timezone/time_zone param?

If I execute:

POST /_sql?format=txt

{
    "query" : "select now(), today()",
    "time_zone": "Australia/Sydney"
}

I get:

            now()            |           today()           
-----------------------------+-----------------------------
2020-06-08T04:10:28.295+10:00|2020-06-08T00:00:00.000+10:00

which is correct, maybe some other transformation takes place in client side.

How can I execute this as an ESQL query?

With curl, kibana console, postman, some es-client, etc.

Sorry for that.
My question is - what would be the ESQL query for the same?

I don't get it sorry, what do you mean?

POST /_sql?format=txt

{
    "query" : "select \"@timestamp\", today(), now(), TimeOfLastReceivedUpdate FROM \"index*\" where Name = 'value' and (\"@timestamp\" >= today() AND \"@timestamp\" <= NOW())",
    "time_zone": "Australia/Sydney"
}

This ?

ES is capable of SQL since the newest version.

select "@timestamp", today(), now(),
TimeOfLastReceivedUpdate
FROM "index*"
where
Name = 'value'
and
("@timestamp" >= today() AND "@timestamp" <= NOW())

In the above query, just running the SQL, without the API as you have done, how can I specify the timezone is my question.

Thanks

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.