More data return when do one query

bo_bo · July 7, 2020, 11:32am

i want do some queries in elasticsearch
when i do this by kibana, it returns like this:

but when i do queries in console with these sentences:

GET /doujiangv4-2020-07-05/_search/
{
  "query":{
    "bool" : {
      "must": [
        {"match": { "#time": "2020-07-05" }},
        {"match": { "#event_name": "SERVER_HEARTBEAT" }}
      ]
    }
  }
}

i got more pieces:

it's 864, instead of 576 which number appear in kibana
why ?
what would i do if i want the number to be 576

nik9000 · July 7, 2020, 12:08pm

Kibana's discover tab has a button in the upper right to get debug information somewhere in there you can get the query it issued. Sorry I can't be more precise. I dont remember it well.

Anyway, my guess is that the query you made by hand doesn't match the kibana one.

defalt · July 7, 2020, 12:30pm

You can find the query which was executed by kibana here:

Scroll down and you will find something like this:

bo_bo · July 8, 2020, 2:11am

thank you for your answer

bo_bo · July 8, 2020, 2:12am

thank you very much for your help

Topic		Replies	Views
Different number of documents when querying Kibana vs Elasticsearch Elasticsearch	2	433	April 16, 2018
Searches from Kinbana Consle return all results and ignoring filtering Kibana	4	727	December 2, 2020
Different outputs when using kibana inspect and dashboard? Kibana painless	2	194	March 1, 2024
Running query outside Kibana Kibana	3	340	March 21, 2019
Filebeat dashboard Kibana	2	373	January 11, 2018

More data return when do one query

Related topics