I'm trying to filter results from this range query.

curl -X GET 'logmon:9200/_search?pretty=true' -d '
{
  "size" : 100000,
  "fields" : [ "@message" ],
  "query" : {
    "range" : {
      "@timestamp" : {
        "from" : "2013-10-16T00:00:00.0000",
        "to" : "2013-10-31T00:00:00.0000"
      }
    }
  }
},
"filter" : {
  "term" : {
    "@message" : "drop"
  }
}'

This yields no different results than the query below, but I know there are
three @messages with the term "drop" in it within this time frame.

curl -X GET 'logmon:9200/_search?pretty=true' -d '
{
  "size" : 100000,
  "fields" : [ "@message" ],
  "query" : {
    "range" : {
      "@timestamp" : {
        "from" : "2013-10-16T00:00:00.0000",
        "to" : "2013-10-31T00:00:00.0000"
      }
    }
  }
}'

Am I using the filter incorrectly?
When I use this search, I get the three @messages. Essentially I'm trying
to add the time range to this search.

curl -X GET 'logmon:9200/_search?pretty=true' -d '
{
  "size" : 100000,
  "fields" : [ "@message" ],
  "query" : {
    "term" : {
      "@message" : "drop"
    }
  }
}'

Thank you.
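
Added example, not part of the original post: a Python check of the first request body as posted, showing that the top-level object closes before `"filter"`, so the filter is trailing text outside the JSON document that holds `query`. The helper names are hypothetical, and treating the trailing keys as intended siblings of `query` is an assumption.

```python
import json

# Body of the first curl command in the post, compacted onto fewer lines
# but with the brace structure unchanged.
POSTED_BODY = """
{ "size" :100000 , "fields" : [ "@message" ],
  "query" : { "range" : { "@timestamp" : {
      "from" : "2013-10-16T00:00:00.0000",
      "to" : "2013-10-31T00:00:00.0000" } } }
},
"filter" : { "term" : { "@message" : "drop" } }
"""

def split_first_object(body):
    """Return (first JSON value, unparsed remainder) of a request body."""
    text = body.lstrip()
    obj, end = json.JSONDecoder().raw_decode(text)
    return obj, text[end:].strip()

def reattach_trailing_keys(body):
    """Merge trailing `, "key": value` text back into the first object.

    Assumption: the remainder is a comma followed by key/value pairs that
    were meant to sit next to "query" inside the top-level object.
    """
    obj, rest = split_first_object(body)
    if not rest:
        return obj
    if not rest.startswith(","):
        raise ValueError("unexpected trailing content: %r" % rest[:40])
    extra = json.loads("{" + rest[1:] + "}")
    clash = set(obj) & set(extra)
    if clash:
        raise ValueError("duplicate keys: %s" % sorted(clash))
    obj.update(extra)
    return obj

if __name__ == "__main__":
    first, rest = split_first_object(POSTED_BODY)
    print("keys in first object:", sorted(first))
    print("text after first object:", rest.replace("\n", " "))
    print(json.dumps(reattach_trailing_keys(POSTED_BODY), indent=2))
```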