如何按时间戳过滤正则表达式查询?

时间:2018-07-09 20:21:57

标签: regex elasticsearch lucene filtering

我正在尝试进行一个查询,该查询将基于正则表达式进行搜索,然后根据时间戳eventTimeStamp

过滤出结果

这是我当前的RESTful API调用:

GET firehose-raw/_search
{
  "query": {
    "range": {
      "eventTimeStamp": {
        "lte": "2018-05-10T05:05:05.005"
      }
    },
    "regexp": {
      "rawlog.keyword": ".*unresponsive target=/.*"
    }
  }
}

结果:

{
  "error": {
    "root_cause": [
      {
        "type": "parsing_exception",
        "reason": "[range] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
        "line": 8,
        "col": 5
      }
    ],
    "type": "parsing_exception",
    "reason": "[range] malformed query, expected [END_OBJECT] but found [FIELD_NAME]",
    "line": 8,
    "col": 5
  },
  "status": 400
}

我在其他地方都找不到任何东西,这使我相信我试图做的事是不可能的。

感谢您的帮助。

0 个答案:

没有答案
相关问题
最新问题