I’m trying to query on StartTime, CloseTime, and ExecutionTime in Elasticsearch. I see the Elasticsearch Index Template is setting those columns as long values. I’ve tried creating a custom index template to test around with setting those fields as date and date_nanos. date doesn’t work because the resolution of the three time fields are in nanoseconds. date_nanos also doesn’t seem to work like I would expect because Elasticsearch expects the format to be in epoch_millis (I don’t think they support epoch_nanos). What can I do to query StartTime, CloseTime, and ExecutionTime in Elasticsearch like StartTime > "2021-01-01" like Elasticsearch supports?
Elasticsearch is not intended to be queried directly. These date/time fields must be long in Elasticsearch schema. You have two options here:
- Use
tctl workflow list --query 'StartTime > "2021-05-12T00:00:00Z"'or use Advanced mode in Web UI. Both will send request to the Temporal server and it will perform proper conversion, query ES, and gives results back to you. - Query
longfields manually and perform this conversion yourself. It is basically:
time.Parse(time.RFC3339, timeStr).UnixNano()
I see. Our use case for querying Elasticsearch directly was for setting up dashboards and reporting on workflows in Kibana.