Hello, I want to make a filter based on the time of a timestamp.
I would like to extract all timestamps which have a time < 8 or time > 20.
I don't know how to make the DSL query for that 
{
Hi,
To filter documents based on the time of a timestamp, you can use the range query in combination with the date field's hour date math. Here's an example of how you can do this:
{
"query": {
"bool": {
"should": [
{
"range": {
"timestamp": {
"lt": "now/h-8h"
}
}
},
{
"range": {
"timestamp": {
"gt": "now/h+20h"
}
}
}
],
"minimum_should_match": 1
}
}
}
Regards
Sorry but il doesn't work.
Ii would like to do something like that
hour(timepart(timestamp)) < 8 or hour(timepart(timestamp)) > 20
Hi @LeCalve Welcome to the community.
You are going to need to create a field that represents time of day and then filter on it
I just help someone with this. You can read what we did here
This is doing it with runtime fields. In order to use this for a DSL query You will need to add the runtime field directly to the mapping or you may want to actually use an ingest pipeline and create a field on ingest.
Take a read and come back. Tell us what you think.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.