I would like to run a query in mongodb that looks like the following

Question

0

Asked: June 16, 20262026-06-16T12:48:11+00:00 2026-06-16T12:48:11+00:00

I would like to run a query in mongodb that looks like the following

0

I would like to run a query in mongodb that looks like the following (in SQL). The output should be stored into a cursor.

SELECT ipv4 src, SUM(flags) 
FROM table 
WHERE starttime > 1262300400 AND endtime < y AND port dst = 22 
GROUP BY ipv4, src

I read http://docs.mongodb.org/manual/reference/aggregation/group/

and tried

myCursor = db.mycol.find(  [  
  {$group:{ _id: "$src",total:{$sum:"$flags"}}},
  {$match:{$and:[{"dst":22},
          {$and:[{"starttime":{$gt:1262300400}},{"endtime":{$lt:1264978800}}]}]}  
  }  ]);

but it failed.

BTW: Can I search between two unix-timestamps by just checking the range between those? In the example above I tried to search for a time between 1262300400 and 1264978800

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-16T12:48:13+00:00

You need to use the aggregate method instead of find to do this and you don’t need to use all those $and operators in the $match as the fields are naturally ANDed. And put the $match operation first so that you’re not $grouping on more docs than you need to.

db.mycol.aggregate([
    {$match:{"dst":22, "starttime":{$gt:1262300400}, "endtime":{$lt:1264978800}}},
    {$group:{ _id:"$src", total:{$sum:"$flags"}}}
]);

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I would like to run a query in mongodb that looks like the following

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply