Home > Mobile >  How do I update range of timestamps in elasticsearch?
How do I update range of timestamps in elasticsearch?

Time:11-17

Some of my data stored in elastic moved far into the future because I mixed up seconds and milliseconds thing. I need to divide all timestamps from the specified range by 1000.

I know how to get the needed data but I don't know how to update them.

GET /_search
{
  "query": {
    "range": {
      "message.timestamp": {
        "gte": " 50798-06-20T00:27:37"
      }
    }
  }
}

CodePudding user response:

I found the answer.

Use POST to send an update request. I used _update_by_query request, specified the range and wrote a script that parses string datetime to timestamp which is then divided by 1000 to convert to seconds.

POST myindex/_update_by_query
{
  "query": {
    "range": {
      "message.timestamp": {
        "gte": " 50000-06-20T00:27:37"
      }
    }
  },
  "script": {
    "source": "SimpleDateFormat format = new SimpleDateFormat(\" yyyyy-MM-dd'T'HH:mm:ss\", Locale.getDefault()); long timestamp = format.parse(ctx._source.message.timestamp).getTime(); ctx._source.message.timestamp = timestamp / 1000;",
    "lang": "painless"
  }
}

Page link:https//www.codepudding.com/Mobile/194812.html

Prev:Issues with Mapping Elastic Index fields with Java Fields
Next:Pass a container type as the typename of a template in c
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding