'now' not working when using range query for seaching

Question

{
"size": 0,
"query": {
    "range": {
        "LogTime": {
            "gte": "now-1d",
            "lte": "now",
            "include_lower": true,
            "include_upper": true,
            "boost": 1.0
        }
    }
},
"aggregations": {
    "top_aggs": {
        "date_histogram": {
            "field": "LogTime",
            "interval": "1h",
            "offset": 0,
            "order": {
                "_key": "asc"
            },
            "keyed": false,
            "min_doc_count": 0
        }
    }
}

}

'LogTime' field is date type and has format of yyyy-MM-dd_hh:mm:ss.

The query above is to retrieve some logs that is between two dates(from yesterday to today)

So, I used date math, now-1d and now. However ElasticSearch give me back nothing.

The result is

{
  "took": 0,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "skipped": 0,
    "failed": 0
  },
  "hits": {
    "total": 0,
    "max_score": 0,
    "hits": []
  },
  "aggregations": {
   "top_aggs": {
      "buckets": []
    }
  }
}

If I give exact time value, for example 2018-11-26_00:00:000 instead of now and now-1d, ElasticSearch gives the log information.

Answer 1

Apart from usin now you can use DateTime.now().getMillis(), This will give you the current time stamp that will be more exact.

And to subtract one day from it, use:

DateTime.now().getMillis() - (24*60*60*1000)

Hope this will be helpful.