Hello,
I parsed a date from the log but it's type in the index was String. I would like to change it to Date so that i could display lines in kibana in the same order of the log file.
Any suggestions will be apperciated.
Change the mapping and use date instead of text.
hi @dadoonet thanks for the quick reply. i'm a beginner, what i did is that i applied a grok filter
%{SYSLOGTIMESTAMP:Date}%{SPACE}
How could i exactly change the mapping please. thanks
That does not change elasticsearch mapping. It just indicates how to extract a SYSLOGTIMESTAMP regular expression and put the extracted value in Date field.
You need to create the appropriate mapping for the Date field. See:
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.