Comments (3)
taraslayshchuk
commented on May 23, 2024
Hi!
You should observe in which datetime format your 'timestamp' field stored in Elasticsearch. After that you could simply generate proper string query. The easiest way is run query with arg '-m 1' to get only one doc and look into output file to determine field format.
Example:
taraslayshchuk@MBP-Taras ~ $ es2csv -i blog -q '*' -o file.csv -m 1
Found 1000 results
Hit max result limit: 1 records ] [0/1000] [ 0%] [0:00:00] [ETA: --:--:--] [ 0.00 docs/s]
Write to csv [##############################################] [1/1] [100%] [0:00:00] [Time: 0:00:00] [ 2.06 klines/s]
taraslayshchuk@MBP-Taras ~ $ cat file.csv
email,first_name,gender,id,ip_address,last_name,timestamp
[email protected],Marie,Female,3,74.73.42.155,Washington,2015-06-28T11:29:23Z
taraslayshchuk@MBP-Taras ~ $ es2csv -i blog -q 'timestamp: [2015-06-28T11:29:23Z TO 2015-07-28T11:29:23Z]' -o file.csvFound 89 results
Run query [################################################] [89/89] [100%] [0:00:00] [Time: 0:00:00] [ 3.46 kdocs/s]
Write to csv [############################################] [89/89] [100%] [0:00:00] [Time: 0:00:00] [ 9.97 klines/s]
taraslayshchuk@MBP-Taras ~ $ es2csv -i blog -q 'timestamp: [2015-06-28T11:29:23Z TO 2015-06-28T12:29:23Z]' -o file.csvFound 1 results
Run query [##################################################] [1/1] [100%] [0:00:00] [Time: 0:00:00] [123.47 docs/s]
Write to csv [##############################################] [1/1] [100%] [0:00:00] [Time: 0:00:00] [ 2.42 klines/s]
taraslayshchuk@MBP-Taras ~ $ es2csv -i blog -q 'timestamp: [2015-06-28T11:29:23Z TO 2015-06-29T12:29:23Z]' -o file.csvFound 6 results
Run query [##################################################] [6/6] [100%] [0:00:00] [Time: 0:00:00] [ 1.29 kdocs/s]
Write to csv [##############################################] [6/6] [100%] [0:00:00] [Time: 0:00:00] [ 7.90 klines/s]
taraslayshchuk@MBP-Taras ~ $ cat file.csv
email,first_name,gender,id,ip_address,last_name,timestamp
[email protected],Marie,Female,3,74.73.42.155,Washington,2015-06-28T11:29:23Z
[email protected],Terry,Male,751,30.9.115.76,Ortiz,2015-06-29T05:27:07Z
[email protected],Scott,Male,557,178.252.107.4,Powell,2015-06-28T23:25:25Z
[email protected],Tammy,Female,617,120.196.137.243,Webb,2015-06-29T07:58:39Z
[email protected],Aaron,Male,416,223.35.117.96,Bowman,2015-06-28T19:34:46Z
[email protected],Doris,Female,48,106.254.230.45,Hanson,2015-06-28T13:15:30Zfrom es2csv.
rdica
commented on May 23, 2024
Thanks for responding, per your command, the timestamp format is:
Jan 20 18:41:23
However, I also have a field @timestamp, in the format:
2016-01-20T00:00:23Z
Seems I can query a range using this, so I will do so, thanks for your help!
from es2csv.
taraslayshchuk
commented on May 23, 2024
If your field format really is 'Jan 20 18:41:23' you have field type 'string'. You can check it in mapping:
taraslayshchuk@MBP-Taras ~ $ curl -XGET 'localhost:9200/blog/_mapping'
{"blog":{"mappings":{"post":{"properties":{"email":{"type":"string"},"first_name":{"type":"string"},"gender":{"type":"string"},"id":{"type":"string"},"ip_address":{"type":"string"},"last_name":{"type":"string"},"timestamp":{"type":"date","format":"strict_date_optional_time||epoch_millis"}}}}}}Range cannot be between two strings. You have to create new index with proper mapping for your field, have to upload docs and after that you could run query in date time format as it described in your mapping.
You welcome!
from es2csv.
Related Issues (20)
- Error during pip install HOT 1
- es2ecv can not support encoding
- Export data from aggregation
- Possible to provide alternate delimiter for kibana style?
- change list to string in output HOT 1
- Argument for handling null values
- es2csv expectd one argument
- Unable to get the whole result
- Extending --auth to work with ES AWS IAM
- Passing a file name to -q is not called out in docs
- Getting "TypeError: unsupported operand type(s) for -: 'dict' and 'int'" HOT 1
- Getting unrecognized parameter: [_source_include] with Elastic 7.3 and using -f to specify fields HOT 1
- Index with a lot docs
- How to format a string
- Unable to escape newline characters while exporting to CSV HOT 1
- openSSL auth
- Non-ASCII characters not exported correctly HOT 3
- Chinese characters in the list are missing data
- It kept saying the error "No matching distribution found for es2csv" HOT 2
- Updated Fork
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from es2csv.