I've picked up a project that uses Bodybuilder.js for queries to ELK and I am struggling to figure out how to format the query with Bodybuilder. I should note that I've tested this same query in other languages and it worked fine.
As I had written it previously it was:
"sort" {
"duration": {
"order": "desc",
"mode": "max"
}
}
As far as I can tell from the docs (end of the last example) it should be written something like:
.sort([{ "duration": { "order": "desc", "mode": "max" }}])
but this query is giving me an error from the server. I should note that:
.sort("duration", "desc")
on the other hand does not give an error, but does not give the desired result, just to clear up any concern about the key itself.
Information on this is a bit sparse but hopefully someone who's ran into this before can offer some help as the docs aren't giving me more than I mentioned and that's not working.
