Basically I have multiple log entries going to elasticsearch every couple seconds. I'm trying to write a live streaming log viewer that polls elastic search every say 2 seconds for the most recent 20 logs.
The issue I'm running into is every time I poll I get the same 20 logs returned and they are not even the 20 newest logs. Here is what I am doing at the moment.
var elasticsearch = require('elasticsearch');
var client = new elasticsearch.Client({
host: "host"
});
router.get('/poll/', function (req, res) {
var service = req.body.service;
var logs = [];
var index = 'logstash-'+dateFormat(new Date(), "yyyy.mm.dd");
client.search({
index: index,
size: 20,
_sort: "@timestamp",
body: {
query: {
query_string: {
query: "dockerd",
fields: ["SYSLOG_IDENTIFIER"]
}
}
}
}).then(function (resp) {
resp.hits.hits.forEach(function(hit) {
logs.push(hit);
});
res.end(JSON.stringify(logs));
}, function(err) {
console.log(err.message);
});
});
What I am trying to do here is sort the logs by descending order based on timestamp and return 20 of them. This should always return the newest entries right?
Any help with this problem would be much appreciated. I'm new to using the elasticsearch api and have been banging my head against the wall for a day now.
