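How to query Elasticsearch for data between two timestamps

Time: 2017-03-20 19:47:19

Tags: http curl elasticsearch logstash

Recently I have been using timestamp-based queries to fetch data from my ELK stack and avoid duplicates. Now I want to fetch information between two specific timestamps.

This is my current query: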

{
  "query": {
    "range": {
      "runtime_timestamp": {
        "gt": "2017-03-18T22:00:55.964Z"
      }
    }
  },
  "_source": {
    "includes": [
      "field1",
      "field2"
    ]
  },
  "sort": [
    {
      "@timestamp": {
        "order": "desc"
      }
    }
  ]
}

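I have looked at the documentation, but I can't seem to find a way to do it. Any ideas?

1 answer:

Answer 0: (score: 2)

You can add "lt" or "lte" to your existing range query, as described here: https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-range-query.html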

{
  "query": {
    "range": {
      "runtime_timestamp": {
        "gt": "2017-03-18T22:00:00.000Z",
        "lt": "2017-03-18T22:10:00.000Z"
      }
    }
  },
  "_source": {
    "includes": [
      "field1",
      "field2"
    ]
  },
  "sort": [
    {
      "@timestamp": {
        "order": "desc"
      }
    }
  ]
}
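
An added example (not from the original question or answer): when a period is pulled in consecutive windows, as in the question's goal of fetching by timestamp without duplicates, a half-open range (`gte` on the lower bound, `lt` on the upper) returns an event that falls exactly on a window boundary once, while `lte` on the upper bound returns it twice. The window size, the sample events and the local `matches` check are assumptions made for illustration; only the query shape and field names come from the page.

```python
import operator
from datetime import datetime, timedelta, timezone

FIELD = "runtime_timestamp"  # field name taken from the question
OPS = {"gt": operator.gt, "gte": operator.ge, "lt": operator.lt, "lte": operator.le}

def iso(ts):
    """UTC, millisecond precision, 'Z' suffix: the format used in the page's queries."""
    u = ts.astimezone(timezone.utc)
    return u.strftime("%Y-%m-%dT%H:%M:%S.") + f"{u.microsecond // 1000:03d}Z"

def window_query(start, end, upper="lt"):
    """Range query body for one window; upper="lt" gives the half-open [start, end)."""
    if end <= start:
        raise ValueError("end must be after start")
    return {
        "query": {"range": {FIELD: {"gte": iso(start), upper: iso(end)}}},
        "_source": {"includes": ["field1", "field2"]},
        "sort": [{"@timestamp": {"order": "desc"}}],
    }

def windows(start, end, step):
    """Yield consecutive (lo, hi) pairs that tile start..end with no gaps."""
    lo = start
    while lo < end:
        hi = min(lo + step, end)
        yield lo, hi
        lo = hi

def matches(query, ts):
    """Offline stand-in for the range query's bound checks (not an Elasticsearch call)."""
    bounds = query["query"]["range"][FIELD]
    # Fixed-width ISO strings in UTC compare in chronological order.
    return all(OPS[op](iso(ts), bound) for op, bound in bounds.items())

def hits_per_event(events, start, end, step, upper="lt"):
    """How many windows return each event: 1 is correct, 2 is a duplicate, 0 is a miss."""
    queries = [window_query(lo, hi, upper) for lo, hi in windows(start, end, step)]
    return [sum(matches(q, e) for q in queries) for e in events]

T0 = datetime(2017, 3, 18, 22, 0, tzinfo=timezone.utc)
# Constructed sample events: window start, inner boundary, last millisecond, window end.
EVENTS = [T0, T0 + timedelta(minutes=5),
          T0 + timedelta(minutes=9, seconds=59, milliseconds=999), T0 + timedelta(minutes=10)]

if __name__ == "__main__":
    for upper in ("lt", "lte"):
        print(upper, hits_per_event(EVENTS, T0, T0 + timedelta(minutes=10), timedelta(minutes=5), upper))
```

The next pull can start at the previous window's end value with `gte`, so no event is skipped or fetched twice.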