Home > Enterprise >  Elastic search is not returning last 30mins data
Elastic search is not returning last 30mins data

Time:11-27

I need to get last 30 mins data from elastic search index. I am reading this query from logstash input plugin. I have used now-30m. but it is not giving correct results. Please help to identify what I am missing here Query :

 "query": {
    "bool": {
      "filter": [
        {
          "range": {
            "createdDate": {
              "gte": "now-30m"
            }
          }
        }
      ]
    }
  }

Output data has below time which is not in 30 mins range

 "createdDate": "2021-11-26T09:10:38.524Z",
 "createdDate": "2021-11-26T06:44:58.520Z",

field details in Index.

"createdDate": {
"type": "date"
},

CodePudding user response:

Your mapping and data both look correct.

However, your different systems, Logstash and Elasticsearch, are probably not installed in the same timezone as the one you're calculating from.

Since now is computed dynamically, it can be different from what you expect. Make sure to account for the timezone differences.

Page link:https//www.codepudding.com/Enterprise/206633.html

Prev:Elasticsearch search keyword ignoring empty query values
Next:Logstash output to custom index if file path is "/file/path"
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding