Efficient way to use _timestamp in visualization


#1

Hi,
My log looks like this
Wed Feb 12 13:42:43 2014 invalid context
Wed Feb 12 14:00:34 2014 message not found
Wed Feb 12 14:01:11 2014 bad address
Fri Feb 14 15:06:50 2014 invalid context

I want to view the error messages in my log by the time at which each error arose. But I don't want my log timestamp set as @timestamp, because my log read time is not the same as the time in the log, and I don't want them to be the same either.

So, I filtered my log timestamp using date with the target of _timestamp (I am using it as type date). I made a visualization with _timestamp on the x-axis and, using split bars, viewed the error messages in Kibana too. But when I tried to zoom into one particular time on the x-axis (say: Wed Feb 12), @timestamp automatically also moved to Feb 12, where there are no logs.

Is there any way to zoom and view error details by _timestamp (say: view only Feb 12 details)?


(Tanya Bragin) #2

When you create the index pattern, you can specify which one of your timestamp fields Kibana treats as primary. Make sure you select _timestamp there.
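
The setup described in the first post, as an added example that is not part of either post: a Logstash filter that parses the log's own timestamp into a separate date field and leaves @timestamp as the read time. The field names `log_time` and `error_message` are hypothetical; the target `_timestamp` is the name used in the question.

```logstash
filter {
  # Split each line into its leading timestamp and the error text.
  # "log_time" and "error_message" are hypothetical field names.
  grok {
    match => {
      "message" => "^(?<log_time>%{DAY} %{MONTH} +%{MONTHDAY} %{TIME} %{YEAR}) %{GREEDYDATA:error_message}$"
    }
  }

  # Only attempt date parsing on lines that matched the layout above.
  if "_grokparsefailure" not in [tags] {
    date {
      # Two patterns: two-digit days ("Feb 12") and space-padded
      # single-digit days ("Feb  2").
      match  => ["log_time", "EEE MMM dd HH:mm:ss yyyy", "EEE MMM  d HH:mm:ss yyyy"]
      # Without "target" the date filter overwrites @timestamp; with it,
      # @timestamp keeps the read time and the event time is stored here.
      target => "_timestamp"
    }
  }
}
```

Events whose timestamp cannot be parsed are tagged `_dateparsefailure` by the date filter, which makes them easy to find before relying on the field as the time axis.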

