How to filter the particular timestamp in KQL field

sanjeev1895 · August 11, 2023, 4:37pm

Hi
Can anyone tell me the how to search the particular timestamp in KQL.

Am I using the below format in logstash filter.
time_stamp 11/Aug/2023:16:31:44 +0000

So how to use this time_stamp field and grep the logs. Example, between 11/Aug/2023:16:31:44 to 11/Aug/2023:16:35:44

Thanks.

Rios · August 11, 2023, 4:58pm

You can use:

@timestamp >="2023-08-11T16:31:44.000" and @timestamp <="2023-08-11T16:35:44.000"
or simplier just use + for filtering on your field and "is between"
As time format you can use: 2023-08-11T16:33:46.299+02:00 or 2023-08-11T14:33:46.299Z .

system · September 8, 2023, 4:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Setting hour in KQL or Lucene Kibana	5	506	August 2, 2022
Date filter plugin successfully matches but doesn't show up in Kibana Logstash	4	412	August 28, 2018
Error in logstash date filter in kibana Kibana	2	264	July 29, 2020
Time Filter field name: @timestamp Logstash	2	2102	May 9, 2019
Using grok filter show log timestamp in time Kibana	3	326	April 13, 2020