Kulasangar Kulasangar - 1 year ago 109
JSON Question

How could I append a timestamp range within my Elasticsearch query?

I'm trying to perform an Elasticsearch query as a

request in order to pull data from the index which I created. The data which is in the index is a table from MySQL DB, configured through

Here is my request and the



{
  "query": {
    "query_string": {
      "query": "transactionoperationstatus:\"charged\" AND api:\"payment\" AND operatorid:\"XL\" AND userid:*test AND time:\"2015-05-27*\" AND responsecode:(200+201)"
    }
  },
  "aggs": {
    "total": {
      "terms": { "field": "userid" },
      "aggs": {
        "total": {
          "sum": { "script": "Double.parseDouble(doc['chargeamount'].value)" }
        }
      }
    }
  }
}

In the above
body, I'm in need to append the
into the
in order to get the data from the index within a date range. I tried adding at the end of the query as:

AND timestamp:[2015-05-27T00:00:00.128Z+TO+2015-05-27T23:59:59.128Z]"

Where am I going wrong? Any help would be appreciated.

Val Val
Answer Source

You just need to remove the +, as they are only necessary when sending a query via the URL query string (i.e. to URL-encode the spaces), but if you use the query_string query, you don't need to do that.

AND timestamp:[2015-05-27T00:00:00.128Z TO 2015-05-27T23:59:59.128Z]"
                                       ^  ^
                                       |  |
                                   remove these
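
The difference the answer describes, as an added example that is not part of the original answer: in a URL the `+` is decoded back to a space before the query parser sees it, while in a JSON body it arrives as a literal `+`. The endpoint `http://localhost:9200/myindex/_search` and the function names are assumptions for illustration; nothing is sent over the network.

```python
import json
from urllib.parse import parse_qs, urlencode, urlsplit

# Range clause in the form the query_string parser expects (spaces around TO).
RANGE = "timestamp:[2015-05-27T00:00:00.128Z TO 2015-05-27T23:59:59.128Z]"
# The same clause with URL-style '+' left in, as in the question's attempt.
RANGE_PLUS = RANGE.replace(" ", "+")

# Assumed endpoint for illustration only; no request is made.
SEARCH_URL = "http://localhost:9200/myindex/_search"


def via_url(query):
    """Build a ?q= URL and return (url, query text after URL decoding)."""
    url = SEARCH_URL + "?" + urlencode({"q": query})
    decoded = parse_qs(urlsplit(url).query)["q"][0]
    return url, decoded


def via_body(query):
    """Build a JSON body and return (body, query text after JSON parsing)."""
    body = json.dumps({"query": {"query_string": {"query": query}}})
    parsed = json.loads(body)["query"]["query_string"]["query"]
    return body, parsed


def from_url_value(encoded_value):
    """Decode a q= value copied from a URL so it can be pasted into a body."""
    return parse_qs("q=" + encoded_value)["q"][0]


if __name__ == "__main__":
    url, decoded = via_url(RANGE)
    print(url)                          # spaces travel as '+' in the URL
    print(decoded)                      # and are spaces again after decoding
    print(via_body(RANGE_PLUS)[1])      # a JSON body keeps '+' literally
    print(from_url_value(RANGE_PLUS))   # decode once before using in a body
```
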