Best practices for documents in date sequence

EdGreenberg · July 25, 2017, 12:17am

Tonight I got my first ElasticStore instance running, along with my first index. I was able to write to the instance using the PHP API, which is my use case. This is cool stuff.

I have an application that logs operations into a mysql database. Each time a user does something significant, I save the parameters in the database. Thus I can see who has done what.

If I want to push this data into Elasticsearch, instead of saving in a table, I will want to see the results in sequential order. For instance, the user may view an item, pull up the edit form, and submit the edit form. Then the admin will approve the edit.

How should I save the date/time of the document when I index it? Just in the body of the document? If so, in what format? Unix timestamp? YYYY-MM-DD HH:MM:SS? Something else?

I envision a "view log" operation that would take various selectors including a date range, so I need to save the data in a suitable place/format to later search it.

Pointers to documentation would be helpful, as would an answer.

Many thanks,

Ed Greenberg

warkolm · July 25, 2017, 12:44am

Use ISO8601, it's a real standard and we use it everywhere.

If you are pushing to Elasticsearch then our general convention is to use a field called @timestamp with that value.

EdGreenberg · July 25, 2017, 2:57pm

Thank you for your quick reply.

I can easily use ISO8601. Do I understand correctly that the @timestamp is part of the body, or is it external to the body?

Best,
Ed

warkolm · July 26, 2017, 12:32am

It's part of the body.

system · August 23, 2017, 12:32am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.