MasterScrat
Reputation: 7386
ElasticSearch fields prefixed with "@"
I see a lot of fields in example mappings that look like @timestamp, @name, etc.
What does it mean? Does it make any change or is it some convention? It is tricky to google and I didn't find any reference reading the doc.
Here's an example: https://gist.github.com/deverton/2970285
...
"properties" : {
"@fields": { "type": "object", "dynamic": true, "path": "full" },
"@message" : { "type" : "string", "index" : "analyzed" },
"@source" : { "type" : "string", "index" : "not_analyzed" },
"@source_host" : { "type" : "string", "index" : "not_analyzed" },
"@source_path" : { "type" : "string", "index" : "not_analyzed" },
"@tags": { "type": "string", "index" : "not_analyzed" },
"@timestamp" : { "type" : "date", "index" : "not_analyzed" },
"@type" : { "type" : "string", "index" : "not_analyzed" }
}
...
Upvotes: 4
Views: 317
Answers (1)
Akshay
Reputation: 3411
Those settings do not affect anything. They are standardised logstash fields which are used so you can easily report on logs originating from multiple sources.
They are just a logstash convention and not an elasticsearch convention.
Upvotes: 5
Related Questions
- Why is @ not matching for query_string query in elasticsearch?
- What does @ mean in elastic search documents?
- Using field names containing the "@" (@timestamp) in elasticsearch-dsl
- Elastic Search Query with @ (at sign) bring the same as without
- Elastic Search, field name starting with at sign
- why wildcard cannot use `@` in Elasticsearch?
- Escaping @ at symbol in Ruby Elastic Search gem?
- Kibana discover: search for special character: '@'
- Elasticsearch Query String Query with @ symbol and wildcards
- ElasticSearch update API - add fieldname starting with @ sign