I want to do a query using a range where in timestamp date is greater than , say 10th of the month (month in which query is being run) and less than now ( Time when query is being run) . I keep getting following exception when I run my query (snippet below)
"caused_by" : { "type" : "illegal_argument_exception", "reason" : "failed to parse date field [10d/d] with format [dd]", "caused_by" : { "type" : "date_time_parse_exception", "reason" : "date_time_parse_exception: Text '10d/d' could not be parsed, unparsed text found at index 2" }
GET /_search
{ "query": {
"bool": {
"filter": [
{
"range": {
"@timestamp": {
"format": "dd", // I can't use MM in the format and in gte value as I want it to month and year agnostic
"gte": "10d/d",
"lt": "now" // The query run time, which will always be after 10th of every month
}
}
},
{
"wildcard": {
"kubernetes.namespace": {
"value": "apps-*-service"
}
}
},
{
"term": {
"level": {
"value": "WARN"
}
}
},
{
"match": {
"message": {
"query": "Some log text"
}
}
}
]
}
} }
I tried above code snippet and was expecting it to give me results by for the specified date range range. However it keeps giving parse error. Elastic version I am using is - 7.16.3
