Which of the following is the correct syntax to query Elasticsearch for CPU usage metrics in the last 5 minutes?

easy📝 Syntax Q3 of Q15

Elasticsearch - ELK Stack Integration

APOST /metrics/_search { "filter": { "time": "last 5 minutes" } }

BGET /metrics/_search { "query": { "range": { "@timestamp": { "gte": "now-5m" } } } }

CGET /metrics/_search { "query": { "match_all": {} } }

DGET /metrics/_search { "query": { "term": { "cpu": "usage" } } }

Step-by-Step Solution

Solution:

Step 1: Understand Elasticsearch query syntax for time range
The range query with @timestamp and gte (greater than or equal) is used to filter documents by time.
Step 2: Identify the correct JSON structure
GET /metrics/_search { "query": { "range": { "@timestamp": { "gte": "now-5m" } } } } uses the correct GET method and range query for last 5 minutes.
Final Answer:
GET /metrics/_search { "query": { "range": { "@timestamp": { "gte": "now-5m" } } } } -> Option B
Quick Check:
Time range query = GET /metrics/_search { "query": { "range": { "@timestamp": { "gte": "now-5m" } } } } [OK]

Quick Trick: Use range query with @timestamp for time filtering [OK]

Common Mistakes:

MISTAKES

Master "ELK Stack Integration" in Elasticsearch

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More Elasticsearch Quizzes