Timestamp between now and now-24h

Elastic Stack Kibana
1

Hello,

Currently I used a curl to get the data on one index. But now I would like to receive the data between now, now-24h.
However I receive only 10 data :confused: when I see the same time rang on Kibana I can see a lot of data xD

So I don't understand...

Here is my query:

 /my_index/_search/ -d '{
"query": {
    "range": {
        "@timestamp": {
          "gte" : "now-24h",
          "lt" :  "now"
        }
      }
},
"_source": ["client_ip", "@timestamp", "responseStatus"]

}

Can you help me on this part?

Why I use now on the timerange? Because I would like to execute this curl everyday .

Thank you :wink:

2

Hello,

I need someone to help me to understang the query with kibana.

Best regards

3

We can't help me ?

4

You need to specify the size you want returned. The default is 10.

5

Han ok.

But I don't know exactly how many I can receive the data :confused:
Sometimes I can receive 50 or 300 datas :confused:

it is not possible ?

6

Then set size a bit higher.

7

Ok Thanks you I can understand.
However, If I would like to have the for the last 24h. Is my query is correct?

Because I don't have receive the date present in my discover :confused:

Because every 30min I can receive 55 000 data and with the size I can use 10000 max. I'm really stuck on that.

8

If you need to retrieve over 10000 documents, you should use a scroll query.

9

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.