I have started learning JAVA search APIs on elasticsearch 6.3.2 and want to be compatible for future use, i don't want to use TransportClient. I would like to run a query using aggregation something in SQL world would look like :
Select count(logLevel) from table where logLevel="ERROR" and responseCode like "500" and timestamp between ("2018-8-11", "2018-8-12")
Actually I want a dynamic date range of 3 days from current to past 3 days.
using the aggregation code as below :
SearchSourceBuilder ssb = new SearchSourceBuilder();
ssb.query(QueryBuilders.termQuery("responseCode", 500));
// only with this code the total hits I see is 0...!!
TermsAggregationBuilder termAgg = AggregationBuilders.terms("ERROR")
.field("logLevel.keyword");
RangeAggregationBuilder rangeAgg = AggregationBuilders.range("dating").field("timestamp.keyword");
// how to put a dynamic date range here ?
ssb.aggregation(rangeAgg);
ssb.aggregation(termAgg);
I am not sure of what data format the responseCode is stored as. I want to get a hold of the queries before I go further. Kindly answer the comment section in the code. kindly suggest.