Elasticsearch Query DSL help need to sort on timestamp

bab · July 14, 2021, 9:41am

i need your Help Expertes, i need to update this query to be able to get the result filtered on Prim_id alphabetic and timestamp ascending, each Prim_id is present in a log-event sorted on timestamp (log time).
i mean , for example prim_id : Ca11 is present in many times whit different content (message), i want to be able to get all log-event with Ca11 listed based on log timestamp (log time), after that the same for Ca12,Ca25...etc

{
  "query": {
    "bool": {
      "should": [
        {
          "match_phrase": {
            "message": "Ca12"
          }
        },
        {
          "match_phrase": {
            "message": "Ca25"
          }
        },
        {
          "match_phrase": {
            "message": "Ca11"
          }
        },
       {
          "match_phrase": {
            "message": "Ca98"
          }
        }
      ],
      "minimum_should_match": 1
    }
  }
}

thank you guys in advance.

cheiligers · July 14, 2021, 7:02pm

@bab You could try using a multi-term aggregation

system · August 11, 2021, 7:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Retrieving all log events sorted by timestamp Elasticsearch	6	8791	April 30, 2019
Sorting search results Elasticsearch	2	753	July 6, 2017
Sorting search results Elasticsearch	1	270	July 6, 2017
ES Query to sort data on Timestamp Elasticsearch	2	7635	April 10, 2017
Sorting events with identical timestamps by order events were recorded Kibana	5	3207	August 2, 2017

Elasticsearch Query DSL help need to sort on timestamp

Related topics