Elastic Search: Unable to retrieve yesterday’s and today’s records
I am trying to query an elk cluster through a subscription method but it does not return today’s and yesterday’s record. This is the function that does a POST request to the cluster, I use _search at the end of the url in order to perform the search:
getIncomingMessages(from:Number, size:Number, fromTime: String, toTime:String, sort:String){
let query= { "query": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"gte": "fromTime",
"lte": "toTime"
}
}
},
{
"query_string": {
"query": "json.message:incoming"
}
}
]
}},"sort": [
{
"@timestamp": {
"order": sort
}
}], "from": from, "size": size} return this.http.post(this.url1, query) //url1 is just the url of the cluster
This is the subscription method:
getIncomingMessages(from:Number, size:Number, fromDate: String, toDate:String, sort:String){
this.inObs = this.dataService.getIncomingMessages(from, size, fromDate, toDate, sort).subscribe(data =>{
let msg = JSON.parse(JSON.stringify(data))
for(let hit in msg.hits.hits){
this.incomingMessages.push(msg.hits.hits[hit]["_source"]["json"]["message"])
this.incomingMessagesApp.push(msg.hits.hits[hit]["_source"]["app_name"])
let msgdate =msg.hits.hits[hit]["_source"]["@timestamp"]
let date = new Date(msgdate)
this.incomingMsgDates.push(date)
//console.log(msg.hits.hits[hit]["_id"])
}
console.log(data)
},
error=>{
console.log(error)
}) }
I call this subscription method inside ngOnInit():
toDate:Date = new Date()
fromDate:Date = new Date(new Date().setDate(this.fromDate.getDate()-1)) //yesterday's date
this.getIncomingMessages(0, 10, this.fromDate.toISOString(),this.toDate.toISOString(), "desc" )
Is it something to do with the subscription promises by any chance? This is my first time working with Angular and Elk so any kind guidance would be helpful!
Source: Angular Questions