Possible to only find new entries since last search?

Sandra_Schlichting · May 17, 2021, 12:18pm

Dear all =)

Does anyone know if it is possible to make a query that searched for error_event:1 and the next time I run it, it only shows the new entries since last search?

Hugs,
Sandra =)

warkolm · May 17, 2021, 11:12pm

Only if you track the time of the last document in your client, there's nothing in Elasticsearch to do that.

system · June 14, 2021, 11:12pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Only query new documents from Elasticsearch index Elasticsearch	3	397	October 21, 2020
Query the last match by a field Elasticsearch	3	883	May 10, 2017
Query to get the last x values Elasticsearch	1	285	January 15, 2021
Elasticsearch input login - read only new documents Logstash	1	556	January 15, 2020
Last update timestamp for a specific field? Elasticsearch	3	1090	December 5, 2016

Possible to only find new entries since last search?

Related topics