Sample Queries
Dave Vieglais edited this page Mar 15, 2018 · 2 revisions
This query just returns entries of the _type logevent.
```
curl -XGET "http://localhost:9200/_search" -H 'Content-Type: application/json' -d'
{
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "_type": {
              "value": "logevent"
            }
          }
        }
      ]
    }
  }
}'
```
This query gets a list of logevent records with the event value read from within a defined time period (dateLogged on or after 2018-02-01 and before 2018-03-01) and returns only the pid and dateLogged values, plus the other metadata always returned by Elasticsearch.
```
curl -XGET "http://localhost:9200/_search" -H 'Content-Type: application/json' -d'
{
  "_source": {
    "includes": ["pid", "dateLogged"]
  },
  "query": {
    "bool": {
      "must": [
        {
          "term": {
            "_type": {
              "value": "logevent"
            }
          }
        },
        {
          "term": {
            "event": {
              "value": "read"
            }
          }
        },
        {
          "range": {
            "dateLogged": {
              "gte": "2018-02-01T00:00:00Z",
              "lt": "2018-03-01T00:00:00Z"
            }
          }
        }
      ]
    }
  }
}'
```