Elasticsearch Version Compatibility
|GRAYLOG VERSION||MINIMUM ES VERSION||MAXIMUM ES VERSION|
MongoDB Version Compatibility
|GRAYLOG VERSION||MINIMUM MONGO VERSION||MAXIMUM MONGO VERSION|
Search From/To by Keyword
Prior to this version, if the time was inferred from the keyword string (e.g. "last week" or "last monday"), the interval did not make much sense, because the hour/minute/sec part of the interval was taken from the moment in time, the query was submitted. So, the intervals were not aligned to something that made sense.
This has been changed so that. e.g. "last monday" is indeed aligned to start at 00:00:00 and ends on the next day at 00:00:00.
Also, ending on the next day at 00:00:00 is a breaking change. This was chosen so that millis/nanos etc. until the very end of the interval are included in the search (and not because of different messages with handling of millis, nanos etc. some messages get omitted).
stages structure in the pipeline source response changed due to the introduction of a new pipeline match parameter.
match_all field was replaced with the
match field. The field value may be
This mainly affects the response. Since the
stages field is not used for pipeline creation or modification and can be omitted for those kind of requests. (only the
source field is used)
"title": "Test Pipeline",
"source": "pipeline \"Test Pipeline\"\nstage 0 match either\nend",