Troubleshooting Elasticsearch queries

Hi,

I've included my gist
here https://gist.github.com/trekr5/db0b0f577cab10d95257.

I'm trying to extract the number of status 500 errors from an ElasticSearch
server over a 2 hour period. The problem is that the query returns too many
records. I should be receiving 272 errors over a 2 hour time period.
Instead I'm getting 1.5M.

I'm very new to ElasticSearch so am unsure if my query is correct.

All assistance much appreciated.

Regards

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/9769836c-d0fe-4c4f-89e6-45f4ea1b75ed%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

I think you said that it returns 1.5M records because you saw that in total_hits field, right?
This is because you did write any query but only a facet. So the resultset is the full dataset for this index.

I would write something like this: gist:0b161423d0acafecb012 · GitHub https://gist.github.com/dadoonet/0b161423d0acafecb012

--
David Pilato - Developer | Evangelist

@dadoonet https://twitter.com/dadoonet | @elasticsearchfr https://twitter.com/elasticsearchfr | @scrutmydocs https://twitter.com/scrutmydocs

Le 30 avr. 2015 à 14:45, trekr5 cebirim@gmail.com a écrit :

Hi,

I've included my gist here gist:db0b0f577cab10d95257 · GitHub.

I'm trying to extract the number of status 500 errors from an Elasticsearch server over a 2 hour period. The problem is that the query returns too many records. I should be receiving 272 errors over a 2 hour time period. Instead I'm getting 1.5M.

I'm very new to Elasticsearch so am unsure if my query is correct.

All assistance much appreciated.

Regards

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com mailto:elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/9769836c-d0fe-4c4f-89e6-45f4ea1b75ed%40googlegroups.com https://groups.google.com/d/msgid/elasticsearch/9769836c-d0fe-4c4f-89e6-45f4ea1b75ed%40googlegroups.com?utm_medium=email&utm_source=footer.
For more options, visit https://groups.google.com/d/optout https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/61725BBF-6C76-41DF-8477-CF55712A64C3%40pilato.fr.
For more options, visit https://groups.google.com/d/optout.