How to curl PUT timestamp correctly

buhruce · September 28, 2020, 7:15pm

I admin a Configuration Management tool and it's data visualization is not good. So I'm scraping the data from this tool and dumping it into Elastic Search. Config Tool API -> Python Script -> Elast Search API. All the data is ingesting. Each computer record in the configuration tool shows up a doc in ES.

name: Bobs laptop serial:D25XXXX osversion:10.13.4 timestamp:Sep 27, 2020 @ 17:00:00.000 _id:8 _type:_doc _index:operatingsystem _score:

My issue is timestamp time is its always 17:00:00. The date does change though. I've presented the time with python in various ways with no luck. Suggestions?

Here is my mappings

Index Mappings

{
"mappings": {
"_doc": {
"properties": {
"date": {
"type": "long"
},
"name": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"osversion": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"serial": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
},
"timestamp": {
"type": "date"
}
}
}
}
}

Blockquote

warkolm · September 28, 2020, 10:50pm

Welcome to our community!

Can you explain this bit a little more?
What does the script look like?

buhruce · September 29, 2020, 4:35pm

The python script will scrape the Configuration Management tool and get info about each computer in the fleet I administer. It builds a dictionary and PUTs it in the ES index I created. This is functional. In my ES server, I can successfully GET a particular doc and it yields the correct information.

I believe I misspoke in my initial question. I believe this to be a Kibana (not ES) issue and how it's interpreting my timestamp mapping. For example, I most recently used unix time as a time stamp. Here is the record:

localhost curl GET command

root@:~# curl -X GET "localhost:9200/operatingsystem/_doc/8?pretty"
{
"_index" : "operatingsystem",
"_type" : "_doc",
"_id" : "8",
"_version" : 13,
"_seq_no" : 11437,
"_primary_term" : 1,
"found" : true,
"_source" : {
"name" : "D25R",
"serial" : "D25R********",
"os" : "10.13.4",
"department" : "AD",
"managed" : true,
"timestamp" : 1601319800
}
}

Unix time "1601319800" is: 09/28/2020 @ 7:03pm (UTC)
In Kibana is shows up as: Jan 19, 1970 @ 04:48:39

warkolm · September 29, 2020, 9:16pm

What is that field mapped as in Elasticsearch?

system · October 27, 2020, 9:17pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.