Is it possible to perform a search over a specified 30 minute timeframe over a number of days?
For example, I would like to query the CPU metric from metricbeat between 09:00 and 09:30 for the last 7 days and export this to CSV.
Would I need to do this for each day separately or is this possible via a more complex query?
You could create a scripted field that returns the time of day for each document, and then filter on that field for the time you want.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.