cnby
Reputation: 449
Can we use a Unix Timestamp as _timestamp field in elasticsearch
When we create time-based indices, elasticsearch/kibana need a field named "_timestamp".
I found that this field should be a string.
But in my log, Unix Timestamp is a necessary segment.
Upvotes: 0
Views: 1727
Answers (1)
avr
Reputation: 4893
Yes you can store unix timestamp in Date type fields. But make sure you use proper format like epoch_millis for timestamp in millis and epoch_second for timestamp in seconds.
Example mapping for timestamp field which stores unix timestamp in seconds.
PUT my-index
{
"mappings": {
"my-type": {
"properties": {
"timestamp": {
"type": "date",
"format": "epoch_second"
}
}
}
}
}
You can find more information here
Upvotes: 3
Related Questions
- Query by timestamp in ElasticSearch
- Elasticsearch indexing timestamp-field fails
- ElasticSearch / Kibana timestamp - field or _source?
- Elasticsearch query based on timestamp
- Elasticsearch 1.x add field copy of timestamp
- Elasticsearch _timestamp
- Returning the timestamp field in elasticsearch
- ElasticSearch index unix timestamp
- How to make elastic4s store _timestamp field?
- Elasticsearch date field: epoch millis input, string output?