Hello Gurus and Newcomers! Seeking your wisdom and help with
Search::Elasticsearch module... I was actually very surprised to see no
questions about this given limited Perl docs on the matter.
I am trying to match the log dates AND filter or search by time as well.
The following works as expected, giving me the first 3 lines from the log for a
given date:
    my $es = Search::Elasticsearch->new(
        nodes    => 'logs.server.local:9200',
        cxn_pool => 'Sniff',    ## "web servers and Elasticsearch servers are on the same network"
    );
    my $results = $es->search(
        body => {
            query => {
                filtered => {
                    query  => { term => { component => 'ens_iis' } },
                    filter => {
                        and => [
                            { term => { date => '2014-04-22' } },
                        ],
                    },
                }
            }
        },
        from    => 0,
        size    => 3,
        timeout => 60,
    );
However, for the life of me I cannot get the time filter to work! I tried
various different ways and either get incorrect results or none at all.
Here's the most logical (in my eyes) attempt of such search that does NOT
work:
    my $results = $es->search(
        body => {
            query => {
                filtered => {
                    query  => { term => { component => 'ens_iis' } },
                    filter => {
                        and => [
                            { term => { date => '2014-04-22' } },
                            { range => {
                                    time => {
                                        gte => '02:00:00',
                                        lt  => '07:55:00'
                                    }
                                }
                            },
                        ],
                    },
                }
            }
        },
        from    => 0,
        size    => 3,
        timeout => 60,
    );
This returns the same rows as without the filter with timestamps starting
00:03:56. I tried various ways to escape the timestamps but without
expected results.
I'm not sure what I am missing here and will be grateful for any guidance
and advice!
Thank you!