In es we can do this
GET _search
{
"_source":["message"],
"query": {
"range" : {
"my.time": {
"gte" : "20190113-09:15:57",
"lte" : "20190114-10:15:57"
}
}
}
}
Is it possible in Logs UI?
It looks like you should be able to do that with a Kuery range expression that looks something like range(bytes, gt=1000, lt=8000)
Update: Strike that... looks like that's an old expression. How about @timestamp <= 20190114-10:15:57 and @timestamp >= 20190113-09:15:57. If that doesn't work you might have to convert the timestamps to Unix timestamps.
@timestamp>=2019-01-17 is OK.but @timestamp >= 2019-01-17 10:15:03.842 is bad.
I don't know how to type time in Logs UI (and if the @timestamp is a string >= is also bad.)
Using strings formatted in ISO 8601 for timestamps should work, e.g. @timestamp >= "2019-01-17T10:15:03.842Z" for a date in UTC.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.