Packetbeat does not show data when Absolute timestamp is entered?

Hi Team,

I am unable to query Packetbeat when an Absolute timestamp is entered. My search returns nothing, while it works perfectly with a Relative or Quick timestamp.

What could be the issue?

Where and how are you querying? Are you going through Kibana by using a Lucene query? Or are you hitting the Elasticsearch _search API directly?

What's the query that you are using? How did you format the date? These are some working examples of Lucene queries that can be used in Kibana's search bar.

@timestamp:"2018-08-14T15:23:11.719Z"

This one is less precise.

@timestamp:"2018-08-14T15:20:14Z"
