Hi,
I am new to ELK and i am passing my logs through logstash to Elastic search.
I am able to view the documents in Kibana, but the records is not displayed in sequential order as written in my log files. I tried sorting based on @timestamp also.
But i have same @timestamp for 2-3 records in which it is not maintaining the order in which they are inserted.
Please help to fix this issue.
TIA
Hi and welcome to our community
In which part of Kibana are you viewing your logs? Discover?
So the timestamps aren't sorted correctly? or is it just that log messages with same timestamps are not in the order like in the log file? since log stash can have several pipelines the order can't preserved unless you can e.g. add another field with e.g. offset in file, like filebeat is doing.
Hope this helps a bit.
Best,
Matthias
Hi Matthias,
Thanks for responding.
In which part of Kibana are you viewing your logs? Discover?===> Yes
So the timestamps aren't sorted correctly? or is it just that log messages with same timestamps==> Its the log messages with same timestamp
Even after extracting the timestamp from the log message, its not displaying in sequential order since it got same timestamp.
Hi, Can someone provide some lead here?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.