GET /logstash-jsy/nginx-access/_search
{
"size": 0,
"query": {
"bool": {
"must": [
{
"match": {
"geoip.country_name": "China"
}
},
{
"range": {
"@timestamp": {
"gt": "2017-09-05T14:00:00.000",
"lt": "2017-09-05T19:00:00.000",
"time_zone": "+08:00"
}
}
}
]
}
},
"aggs" : {
"articles_over_time" : {
"date_histogram" : {
"field" : "@timestamp",
"interval" : "15s",
"format": "yyyy-MM-dd HH:mm:ss",
"time_zone": "+08:00"
}
}
}
}
聚合的时间是从 14点到 19点,现在时间是18:17分,但是聚合的结果
{
"key_as_string": "2017-09-05 18:14:45",
"key": 1504606485000,
"doc_count": 2
}
停留在18:14分,少了4分钟,谁遇到过
{
"size": 0,
"query": {
"bool": {
"must": [
{
"match": {
"geoip.country_name": "China"
}
},
{
"range": {
"@timestamp": {
"gt": "2017-09-05T14:00:00.000",
"lt": "2017-09-05T19:00:00.000",
"time_zone": "+08:00"
}
}
}
]
}
},
"aggs" : {
"articles_over_time" : {
"date_histogram" : {
"field" : "@timestamp",
"interval" : "15s",
"format": "yyyy-MM-dd HH:mm:ss",
"time_zone": "+08:00"
}
}
}
}
聚合的时间是从 14点到 19点,现在时间是18:17分,但是聚合的结果
{
"key_as_string": "2017-09-05 18:14:45",
"key": 1504606485000,
"doc_count": 2
}
停留在18:14分,少了4分钟,谁遇到过
1 个回复
Cheetah
赞同来自: