Is there a query or some way to ask elasticsearch that which field is being used as timefield for the index?
Elasticsearch doesn't have the concept of THE timefield for an index. Rather it has a concept of mapping (0 to N) fields to date types [1]. This can be explicit [2] or implicit via dynamic mappings [3].
You can query the mappings for a given index to get the mappings [4] and look for the (0 to N) date type(s), which may get you close to what you are asking.
However, I assume you question is more in reference to how to get Kibana's default time field for a given Kibana's index pattern. For example, it is the (date type) field used to build out the graphic (date histogram) at the top of the discover page in Kibana. For that you will need to checkout the Kibana docs [5], or ask over in #kibana to see if they expose that as part of their API.
[1] https://www.elastic.co/guide/en/elasticsearch/reference/current/date.html
[2] https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-put-mapping.html
[3] https://www.elastic.co/guide/en/elasticsearch/reference/current/dynamic-mapping.html
[4] https://www.elastic.co/guide/en/elasticsearch/reference/6.4/indices-get-mapping.html
[5] https://www.elastic.co/guide/en/kibana/current/index.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.