I’ve read issues related to ES aggregation, but they did not help.
We’re using Redash 3.0.0+b3134 and Elasticsearch 5.x.
Simple aggregation query tested in Kibana “Dev Tools”:
```
POST /logstash-*/_search
{
  "query": {
    "query_string": {
      "default_field": "content",
      "query": "level : ERROR AND source_host : *-prd-*"
    }
  },
  "aggs": {
    "errors_daily": {
      "date_histogram": {
        "field": "startTime",
        "interval": "day"
      }
    }
  }
}
```
It returns buckets and, in general, what I expected.
When I put that query in Redash I receive the same number of results, but the only field is “startTime”, without bucket values. What am I doing wrong?
- Second question: which versions of ES does Redash support? Internally we have a mix of versions 2.x and 5.x, and we see differences in Redash behaviour. The main one is that with versions 5.x, on the query editing screen, we do not see the “Schema search” options. That works with ES 2.x.