How to get last 90 minutes data in elasticsearch rest url

Gnanendra · April 10, 2019, 11:33am

Hi,

i am using sql rest url and query last 90 minutes data but it's not working.

see below rest url:

POST .monitoring-es-6-*/_search
{
"_source": ["timestamp", "index_stats.index", "index_stats.primaries.indexing.index_total", "index_stats.primaries.docs.count"],
"from": 0, "size": 10,
"query": {
"match": {
"index_stats.index": "my_index-2019.04.09"
}
},
"filter": {
"query": {
"range": {
"timestamp": {
"gte": "now-90m"
}
}
}
},
"sort": [
{
"timestamp": {
"order": "desc"
}
}
]
}

please help me

Thanks,
gnanendra

HenningAndersen · April 11, 2019, 11:18am

Hi @Gnanendra,

I think you want something like below.

{
  "_source": ["timestamp", "index_stats.index", "index_stats.primaries.indexing.index_total", "index_stats.primaries.docs.count"], 
  "from": 0, "size": 10, 
  "query": {
    "bool" : {
      "must" : {
        "match": {
          "index_stats.index": "my_index-2019.04.09"
        }
      },
      "filter": {
        "range": {
          "timestamp": {
            "gte": "now-90m"
          }
        }
      }
    }
  },
  "sort": [
    {
      "timestamp": {
        "order": "desc"
      }
    }
  ]
}

system · May 9, 2019, 11:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.