Gather Data from Yesterday Until Today

hi_xavier · December 20, 2023, 4:27pm

Hello,

I'm currently using the elk api to gather data between yesterday and today (12/19 @ 00:00:000 -- 12/20@00:00:000)
Would this be the equivalent of that using a range query?

"range": {
    "timestamp": {
        "gte": "now-1d/d",
        "lte": "now/d",
                   }
}

stephenb · December 21, 2023, 1:36am

Hi @hi_xavier

Yes in general that is correct

You can try a quick search to validate...

Of course for Today... the last timestamp will be only up to the current time...

GET logs-*/_search
{
  "size": 0, 
  "query": {
    "range": {
      "@timestamp": {
        "gte": "now/d-1d/d",
        "lte": "now/d"
      }
    }
  },
  "aggs": {
    "max": {
      "max": {
        "field": "@timestamp"
      }
    },
    "min": {
      "min": {
        "field": "@timestamp"
      }
    }  
  }
}

hi_xavier · December 27, 2023, 4:19pm

Understood! Thanks @stephenb !

system · January 24, 2024, 4:20pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to get the data from yesterday to today's date range Elasticsearch	5	1831	April 23, 2021
Help understanding range query with date Elasticsearch	1	302	May 12, 2020
How to query elasticsearch to get data between two timestamps Elasticsearch	2	937	April 17, 2017
@timestamp range - searching across indices Elasticsearch	5	2302	July 5, 2017
Query between a range H Kibana	3	308	September 24, 2019

Gather Data from Yesterday Until Today

Related topics