Query the last 5 minutes

tomer · March 26, 2017, 1:48pm

Hi,

I am trying to look for a solution to query the last 5 minutes, depending on what time is it.
That means I dont want to manually enter the time such as:

GET filebeat-*/log/_search
{"query" : {
 "range" : { 
            "msgSubmissionTime" : { "from" : "January 18th 2017, 17:17:56.973", "to" : January 18th "2017, 17:22:56.973" } 
        } 
  }
}

I will like to do something like this:

GET filebeat-*/log/_search
{"query" :
   {
       "range" : { 
            "msgSubmissionTime" : { "from" : "5 minutes ago", "to" : "now" } 
        } 
   }
}

Thanks for any help

tomer · March 26, 2017, 2:13pm

I found this:

https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-range-query.html

I had to change it a little bit (for some reason with my ES the concept of now/m or now/m)

Here is my curl:

curl -XGET '192.168.1.114:9200/filebeat-*/log/_search?pretty' -H 'Content-Type: application/json' -d'
{
    "query": {
        "range" : {
            "msgSubmissionTime" : {
                "gte" : "now-2m",
                "lt" :  "now"
            }
        }
    }
}

Topic		Replies	Views
Elasticsearch search last 5 minutes Elasticsearch	2	6794	July 6, 2017
Elastic query string with time range Elasticsearch	2	587	October 13, 2018
Create request for last 15 min Elasticsearch	10	22428	July 6, 2017
How to get last 90 minutes data in elasticsearch rest url Elasticsearch	2	529	May 9, 2019
How to search by date using elasticsearch Elasticsearch	3	3928	July 4, 2017

Query the last 5 minutes

Related topics