Reputation: 1496
Elasticsearch filter documents with date in epoch format
My documents in ES contain a field that stores date value in epoch format like this:
"received": 1521055535062
I am trying to build a query where I can filter documents based on a certain date with or without UTC time difference taken into account.
Since I have over a million records in ES, I would like a way to figure out how many of those documents belonged to a specific date.
Upvotes: 1
Views: 2109
Answers (2)
Reputation: 357
Just adding a snippet of Java code (using the range query). From the question, it's not clear in which language the query should be written but if it's in Java, following snippet should be helpful:
BoolQueryBuilder boolQuery = new BoolQueryBuilder();
Date asOfDate = new Date(System.currentTimeMillis() - historySeconds * 1000);
boolQuery.must(QueryBuilders.rangeQuery("created").from(asOfDate).includeLower(true));
Upvotes: 1
Reputation: 1337
What you are looking for is the date range query with date format specification that you want. The following should return the docs received on first day of 2018
GET _search
{
"query": {
"range" : {
"received" : {
"gte": "01/01/2018",
"lt": "01/02/2018",
"format": "dd/MM/yyyy"
}
}
}
}
See here for the details https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-range-query.html
Upvotes: 1
Related Questions
- filtering by date in elasticsearch
- How to use date filter in elasticsearch
- Elasticsearch: store & query dates before Epoch
- Elastic Date Format
- Can I force ES to return dates in epoch_millis format?
- Elastic search by date
- Elasticsearch filtering by part of date
- Filter documents with more than one date in Elastic Search
- Elasticsearch mapping document for epoch in seconds
- Elasticsearch date field: epoch millis input, string output?