Numerical range in Kibana 3 not working

Question

My tomcat access logs have last field as "%D - Time taken to process the request, in millis". I am trying to filter the logs which took more than some number of milliseconds, but it is showing all the logs as a result, I am trying as per lucene "Range Searches" http://lucene.apache.org/core/2_9_4/queryparsersyntax.html

Below filter queries are tried: timetaken: [1000 TO *] timetaken: [1000 TO 5000] timetaken: ['1000' TO *]

score 0 · Accepted Answer · answered Jul 25 '14 at 22:52

0

By default logstash takes all input as a string, added ":int" to the fields which i wanted as number. eg. %{NUMBER:apache_bytes:int} %{NUMBER:apache_response_time:int}

Ref: https://groups.google.com/forum/#!topic/logstash-users/2ewrcovttSY

answered Jul 25 '14 at 22:52

Deepak Deore

691
1
9
16

Numerical range in Kibana 3 not working

1 Answers1