So this link:
nor this link:
https://www.elastic.co/guide/en/kibana/current/kuery-query.html
document how to use KQL to search fields with dates. We have a creation_date field (not the @timestamp) and would like to search on it. When I tried to search:
creation_date > 2019-11-04T09:00:00
it told me that I was using lucene syntax. I also tried:
creation_date > -2d
But got an error.
Is there a page/post that has already covered this?
Thanks
It SEEMS to be this link: https://www.elastic.co/guide/en/elasticsearch/reference/7.3/common-options.html#date-math
But I still get complaints that I'm using lucene...
There is a selector at the end of the search bar that lets you switch from Lucene to KQL. I think starting 7.4.0 KQL has been made the default one.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.