0

mapping:

  "mappings": {
                "test-engine": {
                  "properties": {
                    "@timestamp": {
                      "type": "date"
                    } ....
             },

sample record:

     {
    "_index": "application-log",
    "_type": "test-engine",
    "_id": "AV9pKiMHlm36MlYWarx3",
    "_score": 1,
    "_source": {
      "@timestamp": "2017-10-29T17:24:50.026+0000",
      "message": "Initialize connection to node -1 for sending metadata request",
      "host": "54.205.134.57",
      "severity": "DEBUG",
      "thread": "Thread-4",
      "logger": "org.apache.kafka.clients.NetworkClient"
    }

the query which I have tried: 

     GET application-log/_mapping
     {
      "range": {
        "@timestamp": {
          "gte": "2017-10-26T17:24:50.026+0000",
          "lte": "2017-10-28T17:24:50.026+0000"
        }
      }
    }

I tried the query with above mappings and records still the date range is not working in kibana

Ashok Kumar N
  • 573
  • 6
  • 23
  • You just need to wrap your `range` query in the `query` section, i.e. `{"query":{ "range": ...}}` – Val Nov 16 '17 at 14:04
  • @Val thanks, val I tried your suggestion { "query": { "range": { "@timestamp": { "gte": "2017-10-31T08:00:11.210+0000", "lte": "2017-10-31T08:00:11.210+0000" } } }} even this is not working – Ashok Kumar N Nov 16 '17 at 14:28
  • Make sure to remove the blank line between GET and the query and use the `_search` endpoint, not the `_mapping` one – Val Nov 16 '17 at 14:34

1 Answers1

1

You need to use the _search endpoint no the _mapping one and wrap the range query inside a query section

 GET application-log/_search
 {
   "query": {
     "range": {
       "@timestamp": {
         "gte": "2017-10-26T17:24:50.026+0000",
         "lte": "2017-10-28T17:24:50.026+0000"
       }
     }
   }
 }
Val
  • 207,596
  • 13
  • 358
  • 360