Hi,
I am currently have NiFi ingesting data into our elastic search environment. We are trying to get elastic to recognize the timestamp format '2017-12-04 18:25:30.114000+00:00' but no matter what we have tried it fails and throws the error of illegal argument exception, invalid format. Please advise on how we can get Elastic to recognize this format.
Thank you.
Can you show which format strings you have tried and what method you have used to setup the field with that format?
I tried pushing in the data and creating a new index and seeing if it recognized a time-based field, which it did not.
I also tried preformatting
PUT {index}
{
"mappings": {
"{typeName}": {
"properties": {
"{fieldName}" : {
"type": "date",
"format": "yyyy-MM-dd HH:mm:ss.SSSSSSZZ"
}
}
}
}
}
also tried format: strict_date_optional_time
What do you mean by "it did not"? Did you get a specific error when creating the index?
No, when selecting "Index contains time-based events" and then trying to select a drop down of fields, it does not recognize any field is a time-based field. Although the data has time field with the time format specified above.
You seem to be referring to a UI. Maybe Kibana? I would suggest asking this in the Kibana discuss forum since in this one we really only know the direct elasticsearch API.
Makes sense, I just figured it may be this one since the NiFi PutElasticSearch is rejecting the data insert. I will post in that discussion form, thank you for the guidance.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.