Essql timestamp query in canvas

elasticforme · July 2, 2020, 9:29pm

SELECT islandtype FROM "index1*"
where '@timestamp' > now() - INTERVAL 200 minutes
group by islandtype

this give me blank it says no document found. but I know I have document.
when I remove where clause it give me output.
what am I doing wrong?

this in canvas

flash1293 · July 3, 2020, 8:12am

You have to use double quotes to escape the field name: "@timestamp". Otherwise it will compare it with the literal string @timestamp

elasticforme · July 3, 2020, 4:57pm

that worked.

system · July 31, 2020, 4:57pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Canvas - Variable in essql Kibana canvas	1	1079	February 16, 2022
Kibana SQL - How to do where clause for @timestamp? Kibana elastic-stack-sql	2	506	October 21, 2020
Formatting @timestamp in Canvas Kibana canvas	4	3578	November 8, 2019
Limited time period in Canvas Kibana canvas	5	1122	January 7, 2021
Canvas showing error instead of 0 Kibana canvas	9	975	February 16, 2021