Date range aggregations

The date_range aggregation is conceptually the same as the range aggregation, except that it lets you perform date math. For example, you can get all documents from the last 10 days. To make the date more readable, include the format with a format parameter:

  1. GET opensearch_dashboards_sample_data_logs/_search
  2. {
  3. "size": 0,
  4. "aggs": {
  5. "number_of_bytes": {
  6. "date_range": {
  7. "field": "@timestamp",
  8. "format": "MM-yyyy",
  9. "ranges": [
  10. {
  11. "from": "now-10d/d",
  12. "to": "now"
  13. }
  14. ]
  15. }
  16. }
  17. }
  18. }

copy

Example response

  1. ...
  2. "aggregations" : {
  3. "number_of_bytes" : {
  4. "buckets" : [
  5. {
  6. "key" : "03-2021-03-2021",
  7. "from" : 1.6145568E12,
  8. "from_as_string" : "03-2021",
  9. "to" : 1.615451329043E12,
  10. "to_as_string" : "03-2021",
  11. "doc_count" : 0
  12. }
  13. ]
  14. }
  15. }
  16. }