I have done test and found out following:
{
"query": {
"filtered": {
"query": {
"query_string": {
"query": "uri:video\\-ondemand\/video\/flv\/test\/"
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"from": "2014-12-01T00:00:00.001",
"to": "2014-12-01T23:59:59.999"
}
}
}
]
}
}
}
},
"size": 100
}
"total": 81189
----------------------------------------------------------------------------------------------------------------
{
"query": {
"filtered": {
"query": {
"query_string": {
"query": "uri:video-ondemand/video/flv/test/" ## without escape
}
},
"filter": {
"bool": {
"must": [
{
"range": {
"@timestamp": {
"from": "2014-12-01T00:00:00.001",
"to": "2014-12-01T23:59:59.999"
}
}
}
]
}
}
}
},
"size": 100
}
"total": 81189
----------------------------------------------------------------------------------------
{
"query":{
"filtered": {
"query": {
"bool": {
"must": [
{
"query_string": {
"query": "(sc_status:206 OR sc_status:200 OR sc_status:0) AND cs_method:GET
AND uri:*.mp4*"
}
}
]
}
},
"_cache": "false",
"filter": {
"bool": {
"must": [
{
"fquery": {
"query": {
"query_string": {
"query": "uri:video-ondemand/video/flv/test/*"
}
}
}
},
{
"range": {
"@timestamp": {
"from": "2014-12-01T00:00:00.000+01",
"to": "2014-12-01T23:59:59.999+01"
}
}
}
]
}
}
}
},
"sort": {"@timestamp": {"order": "asc"}}
}
"total": 216739
the last one should have less than the first 2 (they have sc_status:404).
But I dont know why.
best regards
Messias
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/a74bd4ef-1698-4926-836a-6cf47111ebe5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
