I am new to OpenSearch, I tried to find it in documentation but couldn't figure it out. I have a aggregation query
{
"size": 0,
"aggs": {
"records_per_day": {
"date_histogram": {
"field": "@timestamp",
"interval": "day"
}
}
}
}
This returns a lot of records however, I want to add a filter to show records only later than a particular timestamp(within 7 days only).
{
"query": {
"range": {
"@timestamp": {
"from": "now-7d",
"to": "now"
}
}
}
}
How can I add this filter to the first query?
I figured it out, the above can be achieved by the following query:
{
"size": 0,
"query": {
"range": {
"@timestamp": {
"from": "now-7d/d",
"to": "now/d"
}
}
},
"aggs": {
"records_per_day": {
"date_histogram": {
"field": "@timestamp",
"interval": "1d",
"format": "yyyy-MM-dd",
"min_doc_count": 0
}
}
}
}