I can't search numeric on message

cherawich · November 21, 2018, 4:11am

I try to search by

(source:10.0.1.*) AND message:"“latency”:"<80000000

but I can’t see latency result less that 80,000,000

This is example message
message

jan · November 21, 2018, 8:35am

how is the latency saved in Elasticsearch? if that is saved as a string such a query is not possible.

Currently the only option to know that is to get the current mapping ( http://docs.graylog.org/en/2.4/pages/configuration/elasticsearch.html#custom-index-mappings ) and see what field type is used for the field. If you only save numbers in the field latency then change the mapping of that field to number.

Topic		Replies	Views
Search for numbers only evaluate frist chr Graylog Central (peer support)	9	855	May 17, 2018
Extractor numeric search is not working as expected Graylog Central (peer support)	2	457	January 11, 2019
Search field:<value doesn't give the expected results Graylog Central (peer support)	11	2140	January 28, 2019
Lucene query search not working in graylog Graylog Central (peer support)	3	1649	October 12, 2017
Can't see the messages that elasticsearch has Graylog Central (peer support)	3	562	November 21, 2019