Page 1 of 1
Getting logs for tomorrow
Posted: Tue May 26, 2020 3:13 pm
by hcltech
In my indicies I am showing some for tomorrow. I have done a query but I am not showing anything from those queries. Can anyone help me with this? I know I had this issue before but when i did a search then it showed me what had a wrong date and I was able to fix it.
Re: Getting logs for tomorrow
Posted: Wed May 27, 2020 9:28 am
by cdienger
Running the below from the command line should help you track down the hosts. Make sure to adjust the index name(logstash-2020.05.28) to whichever day you need to search:
Code: Select all
curl -XGET 'http://localhost:9200/logstash-2020.05.28/_search?pretty' -d ' { "aggs" : { "hosts" : { "terms" : { "field" : "host.raw" } } } } '