Elasticsearch query

Elk_huh · September 7, 2021, 7:24pm

My siem only allows any querys inside query{}

I need to do a sort by date like this but the sort needs to be inside the query , any ideas

GET /index-*/_search
{
  "sort" : [
    { "@timestamp" : {"order": "desc"}}
  ],
  "query" : {
        "match_all": {}
  }
}

system · October 5, 2021, 7:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch input query with sorting Logstash	1	639	May 20, 2020
How to sort search results by date? Elasticsearch	2	992	July 6, 2017
Sorting search results Elasticsearch	1	269	July 6, 2017
Sorting by two fields (Date & Time) Elasticsearch	1	395	July 6, 2017
Sorting search results Elasticsearch	2	751	July 6, 2017