I have a field called "event time stamp" that is basically epoch time with commas in between, for example: "1,515,920,398,808"
Is there a way to format this into a timestamp in a kibana query? Essentially stripping the commas and then running an eval against that number to convert epoch to date/ time?
I think you would want to try creating a scripted field for that. If you google "Kibana painless scripting" or anything close to that you'll find some great resources. Here's a couple of them.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.