Hi guys, my team are trying to do some search in kibana using KQL, but we are facing some problems. I hope you could help us.
This question was Asked by my teammate on the SO quite a long, but had no answer.
I'm creating a saved search using Kibana Discover. On screen I can select the time range manually (default is "Last 15 minutes"). If I select "Last 24 hours" and Refresh the search, it works fine. However, when I save the search, the time range information is not saved. Whenever I open Kibana Discover and open my saved search, the time range is always the default (last 15 minutes).
I tried adding different conditions (below) to my KQL query, to no avail. :^(
and @timestamp >= "now-24h"
and @timestamp >= now-24h
and timestamp >= "now-24h"
and @timestamp >= "now-1d/d"
etc.
I also tried to "Add filter" using the @timestamp field. The only operators available are: is not , is one of , is not one of , is between , is not between , exists , does not exist .
So, I tried between now-24h and now . Yet, no results match the criteria.
However, if I manually change the time range to say, Last 30 days, then my filter works!
