Hi everyone,
I need help converting this Kibana query body into the Elasticsearch Query API format.
My goal is to write an API query that returns all documents between two specific timestamps,
so that I can re-ingest that data into Logstash and parse it properly.
Query API example (note this one filters on `publish_date`, while the Kibana body further down filters on `@timestamp` — the field name must match the one the index actually uses):
GET /web_transaction-2021.09.*/_search
{
"query": {
"range" : {
"publish_date": {
"gte": "2021-09-14T03:47:31.000Z",
"lte": "2021-09-24T07:00:11.595Z",
"format": "strict_date_optional_time"
}
}
}
}
I need the body in single-line format, e.g.:
example: query => '{ "query": { "match": { "statuscode": 200 } }, "sort": [ "_doc" ] }'
Request body as shown by Kibana (only the `query` part is needed for re-ingestion; the `aggs`, `highlight`, `docvalue_fields` and `size` settings are for the Discover UI):
{
"version": true,
"size": 500,
"sort": [
{
"@timestamp": {
"order": "desc",
"unmapped_type": "boolean"
}
}
],
"aggs": {
"2": {
"date_histogram": {
"field": "@timestamp",
"fixed_interval": "3h",
"time_zone": "Europe/Istanbul",
"min_doc_count": 1
}
}
},
"stored_fields": [
"*"
],
"script_fields": {},
"docvalue_fields": [
{
"field": "@timestamp",
"format": "date_time"
},
{
"field": "graylogTimestamp",
"format": "date_time"
},
{
"field": "graylogtimestamp",
"format": "date_time"
}
],
"_source": {
"excludes": []
},
"query": {
"bool": {
"must": [],
"filter": [
{
"match_all": {}
},
{
"range": {
"@timestamp": {
"gte": "2021-09-14T03:47:31.000Z",
"lte": "2021-09-24T07:00:11.595Z",
"format": "strict_date_optional_time"
}
}
}
],
"should": [],
"must_not": []
}
},
"highlight": {
"pre_tags": [
"@kibana-highlighted-field@"
],
"post_tags": [
"@/kibana-highlighted-field@"
],
"fields": {
"*": {}
},
"fragment_size": 2147483647
}
}