How to have timestamp on my docs and kibana show a count of docs per timestamp range

FRegis · September 8, 2019, 2:43am

Hi,

Absolutely newbie here.
I have some data that I'm sending to elasticsearch in JSON. The index is created automatically. I almost have no idea of how to setup indexes and visualization the way I like.

So, other indexes on my environment that were created by syslog sources through logstash, they all have a @timestamp and kibana shows a time series on top of visualization page.

My index shows the fields I sent in doc, but no @timestamp and no time series on kibana.

Please give me hints.

Want this:

Have this:

dadoonet · September 8, 2019, 4:32pm

If you want a timestamp field, you need to provide it. Elasticsearch does not create it automatically.

FRegis · September 9, 2019, 3:42pm

Hi David,

Is correct to assume that if my query returns a dataset with any datetime field, regardless how I named it, Kibana will automatically display that timeline?
Thanks.

holobolo0815 · September 9, 2019, 4:04pm

If you go into Management module of Kibana and check the settings of the relevant Index Pattern you'll see what the appropriate timestamp field would be

FRegis · September 9, 2019, 6:16pm

Hi. I created this index by POSTing docs to it. Currently this is whats kibana shows me:

No pre-established timestamp field.

Can you point me the direction?

holobolo0815 · September 10, 2019, 8:47am

There does not seem to be a feature in the GUI allowing to change it once the index pattern was created: https://github.com/elastic/kibana/issues/9212

As they pointed out in the issue it is also unclear how to change it later in a version of Kibana > 6 ...

You could try creatig a new index pattern (which allows to you define the timestamp field) and see where the differences are from what you have.

system · October 8, 2019, 8:48am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.