Hello, I am trying to get the latest timestamp from an index by using the elasticsearch input plugin with the following query:
input {
  elasticsearch {
    hosts => "${ES_HOST}:9200"
    index => "myindex"
    query => '{ "query": { "match_all": { } }, "sort": [ {"@timestamp":{"order":"desc"}}],"size":1 }'
    size => 1
  }
}
However, I get all documents in the index.
Is this a known issue, since the same query returns only one result in Kibana?