Display date without time in Elasticsearch

VeeT · November 12, 2020, 10:57pm

Hi,
I have the following input in a "Date" field:
Date=2020.11.12

Currently, it's displaying as this in Kibana:
Date Nov 12, 2020 @ 00:00:00.000

I would like to display this as is in Kibana, i.e., Date: 2020.11.12. How do I do that? I want to use the yyyy.MM.dd format and without the timestamp. Can I modify the date field to do this?

This is what I have in the Index Template Mapping:
"Date": {
"format": "strict_date_optional_time||epoch_millis||yyyy.MM.dd",
"index": true,
"ignore_malformed": false,
"store": false,
"type": "date",
"doc_values": true
}

This is what I have in the logstash config file:
input {
udp { port => 1001 id => "syslog_id" buffer_size => 196608 receive_buffer_bytes => 196608 }
}
filter {
if [message] =~ /InbTxnType/ {
mutate { add_tag => ["TRANSACTION", "SUMMARY"] }
kv { trim_key => " " trim_value => " " source => "logMessage" value_split => "=" field_split => "," }
date { match => ["Date","yyyy.MM.dd"] target => "Date" }
}
}

output {
if "SUMMARY" in [tags] {
elasticsearch{ hosts => ["elasticsearch-client:80"] index => "summary-transaction-%{+YYYY.MM}" }
}
}

Thanks!
Vanessa

mattkime · November 13, 2020, 2:34pm

Hello @VeeT

Have you tried using a field formatter? https://www.elastic.co/guide/en/kibana/current/managing-fields.html

Thanks,
Matt

VeeT · November 13, 2020, 3:50pm

Hi Matt,
Yes, I've done that. I've set the date format )yyyy.MM.dd) in the index pattern. Please see attached.

Thanks!
Vee

mattkime · November 14, 2020, 2:47am

@VeeT

Which version of the stack are you using? Can you show a screenshot where the data isn't formatted as desired?

VeeT · November 16, 2020, 4:19pm

Matt,
We are using ELK 7.6.
Here are the screenshots. The InputDate.png is the one that's being sent to us from the application thru Load Balancer to Logstash. The OutpuDate.png is the one that's being displayed in Kibana.

The desired result is "Date 2020.11.16".

Thanks!
Vee

InputDate:

OutputDate:

mattkime · November 16, 2020, 4:33pm

Yes, I've done that. I've set the date format )yyyy.MM.dd) in the index pattern. Please see attached.

Thats not a screenshot from the index pattern field format editor. I suspect its an ingest related screenshot. Try going to Stack Management -> Index Patterns and set the formatting there.

Thanks,
Matt

Topic		Replies	Views
Date formatting yyyy.MM.dd Elasticsearch	7	2561	November 13, 2020
Custom Date and Time Format Kibana	3	7201	November 21, 2017
How to display a datefield in custom format in Kibana, without changing @timestamp display format? Kibana	4	1483	December 28, 2017
Using custom date format on elasticsearch and Kibana4 Elasticsearch	1	469	July 6, 2017
Kibana is showing one field value different from elasticsearch Kibana	4	349	August 6, 2018

Display date without time in Elasticsearch

Related topics