Menu
I have an index with a time field whose values are like:
time: 2012-06-02T12:25:27+02:00
Then I'm running the following query:
{
"sort": {
"time": "desc"
},
"query": {
"query_string": {
"query": "time:[2012-6-2T12:24:00Z TO 2012-6-2T12:26:00Z]",
"default_operator": "AND"
}
},
"size": 30
}
That is returning 0 hits, but if I shift the query string by 2 hours then it matches with the records in that time. So, I'm pretty sure this is a time zone problem. Reading the docs I found I can put a "time_zone" : 2 in the query, but.... where should it be placed in the previous query? I tried many options but couldn't make it work.
897
This is not correct, in Elasticsearch the date and time fields are always stored in UTC and you can't change it. The date is still in UTC, it is Kibana that converts the time for your timezone, the data in Elasticsearch is still in UTC.
Kibana uses the timezone of your browser by default, it is however possible to change this if you require.
You, probably, have seen the "time_zone" parameter in the histogram date facet, which is different from this query. The query_string query doesn't accept a time_zone parameter. I think the simplest solution here would be replacing "Z" with desired time zone in your query:
{
"sort": {
"time": "desc"
},
"query": {
"query_string": {
"query": "time:[2012-6-2T12:24:00+02:00 TO 2012-6-2T12:26:00+02:00]",
"default_operator": "AND"
}
},
"size": 30
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
