How to filter the particular timestamp in KQL field

sanjeev1895 · August 11, 2023, 4:37pm

Hi
Can anyone tell me the how to search the particular timestamp in KQL.

Am I using the below format in logstash filter.
time_stamp 11/Aug/2023:16:31:44 +0000

So how to use this time_stamp field and grep the logs. Example, between 11/Aug/2023:16:31:44 to 11/Aug/2023:16:35:44

Thanks.

Rios · August 11, 2023, 4:58pm

You can use:

@timestamp >="2023-08-11T16:31:44.000" and @timestamp <="2023-08-11T16:35:44.000"
or simplier just use + for filtering on your field and "is between"
As time format you can use: 2023-08-11T16:33:46.299+02:00 or 2023-08-11T14:33:46.299Z .

system · September 8, 2023, 4:58pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Setting hour in KQL or Lucene Kibana	5	497	August 2, 2022
Filter logs which are after a particular event Kibana	1	250	September 11, 2021
Can't use anymore @timestamp after a time filter change Kibana	3	577	December 25, 2019
How should I filter this date? Logstash	2	260	September 9, 2021
Not able to filter from timestamp Kibana	3	180	December 30, 2023