How to use NOW/d in elasticsearch search query

Elastic Stack Elasticsearch
1

Dear all,

I'm trying to get today's data based on the keywords. here in below code, I have hardcoded the timestamp.. but I want to fetch the data for entier today. please help.

GET indicesname/_search
{

   "query": {
       "bool": {
           "must": [
               { "match": { "data.target.sampler": "CPU" }},
               { "match": {"data.row.Hostname.keyword":"HOST456-23"}},
               { "match": {"data.row.CPU": "Average_cpu"}},
               {"range": {"@timestamp": {"gte": "2020-04-02T00:01:30.614Z","lte": "2020-04-02T00:01:37.614Z"}}}
               ]
           }
       }
   }
2

You can do:

GET indicesname/_search
{

   "query": {
       "bool": {
           "must": [
               { "match": { "data.target.sampler": "CPU" }},
               { "match": {"data.row.Hostname.keyword":"HOST456-23"}},
               { "match": {"data.row.CPU": "Average_cpu"}},
               {"range": {"@timestamp": {"gte": "2020-04-02","lt": "2020-04-03"}}}
               ]
           }
       }
   }

Or use indeed date math as explained here https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-range-query.html#ranges-on-dates

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.