我在elasticsearch中有很多日志,必须计算过去10天每天有多少日志。不幸的是,我的json不起作用。你能检查我犯了什么错误吗?提前感谢!:)
我需要这样的东西:
date : records
2023-03-17 256
2023-03-18 148下面是我的json,有一些错误
GET /index_name/_search
{
"query": {
"range": {
"@timestamp": {
"gte": "now-11d",
"lte": "now-1d"
}
}
},
"aggs" : {
"byDay" : {
"date_histogram" : {
"field" : "@timestamp",
"calendar_interval" : "1d",
"format" : "yyyy-MM-dd"
}
}
}
}上述执行结果:
{
"took": 448,
"timed_out": false,
"_shards": {
"total": 3,
"successful": 3,
"skipped": 0,
"failed": 0
},
"hits": {
"total": {
"value": 0,
"relation": "eq"
},
"max_score": null,
"hits": []
},
"aggregations": {
"byDay": {
"buckets": []
}
}
}我的索引结构是这样的:
{ "took": 621, "timed_out": false, "_shards": {
"total": 3,
"successful": 3,
"skipped": 0,
"failed": 0 }, "hits": {
"total": {
"value": 10000,
"relation": "gte"
},
"max_score": 1,
"hits": [
{
"_index": "logs-000001",
"_id": "FDiUoYYB6jibW4tyO_7l",
"_score": 1,
"_source": {
"@timestamp": "2023-03-02T09:08:08.029Z",
"qid": "7079B4FEE7",
"status": "status_A",
}
},
{
"_index": "logs-000001",
"_id": "FTiUoYYB6jibW4tyO_7l",
"_score": 1,
"_source": {
"@timestamp": "2023-03-02T09:08:08.057Z",
"qid": "BE5694FEFB",
"status": "status_A",
}
}
]
} }
1条答案
按热度按时间5fjcxozz1#
以你为例,我增加了范围。
结果: