映射:
"mappings": {
"test-engine": {
"properties": {
"@timestamp": {
"type": "date"
} ....
},
样本记录:
{
"_index": "application-log",
"_type": "test-engine",
"_id": "AV9pKiMHlm36MlYWarx3",
"_score": 1,
"_source": {
"@timestamp": "2017-10-29T17:24:50.026+0000",
"message": "Initialize connection to node -1 for sending metadata request",
"host": "54.205.134.57",
"severity": "DEBUG",
"thread": "Thread-4",
"logger": "org.apache.kafka.clients.NetworkClient"
}
我尝试的查询:
GET application-log/_mapping
{
"range": {
"@timestamp": {
"gte": "2017-10-26T17:24:50.026+0000",
"lte": "2017-10-28T17:24:50.026+0000"
}
}
}
我尝试使用上面的映射和记录查询,但日期范围仍然不适用于kibana
答案 0 :(得分:1)
您需要使用_mapping端点而不是range端点并将query部分包含在 GET application-log/_search
{
"query": {
"range": {
"@timestamp": {
"gte": "2017-10-26T17:24:50.026+0000",
"lte": "2017-10-28T17:24:50.026+0000"
}
}
}
}
部分
/c: