Best practices for documents in date sequence

Tonight I got my first ElasticStore instance running, along with my first index. I was able to write to the instance using the PHP API, which is my use case. This is cool stuff.

I have an application that logs operations into a mysql database. Each time a user does something significant, I save the parameters in the database. Thus I can see who has done what.

If I want to push this data into Elasticsearch, instead of saving in a table, I will want to see the results in sequential order. For instance, the user may view an item, pull up the edit form, and submit the edit form. Then the admin will approve the edit.

How should I save the date/time of the document when I index it? Just in the body of the document? If so, in what format? Unix timestamp? YYYY-MM-DD HH:MM:SS? Something else?

I envision a "view log" operation that would take various selectors including a date range, so I need to save the data in a suitable place/format to later search it.

Pointers to documentation would be helpful, as would an answer.

Many thanks,

Ed Greenberg

Use ISO8601, it's a real standard and we use it everywhere.

If you are pushing to Elasticsearch then our general convention is to use a field called @timestamp with that value.

Thank you for your quick reply.

I can easily use ISO8601. Do I understand correctly that the @timestamp is part of the body, or is it external to the body?

Best,
Ed

It's part of the body.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.