How to show data in discover based on EPOCH time

Elastic Stack Kibana
1

Hi Experts.

I am feeding following data from ES 1.7.1 using bulk API.
> POST /clust/clust/_bulk

{"index": {"_index": "clust", "_type": "clust"}}
{"name": "VG", "rollno": "12", "time": "1457005581"}

My time filed has EPOCH time in Seconds. I am using following Mapping for this Index
> PUT /clust

{
    "mappings" : {
        "_default_" : {
            "_all" : {"enabled" : false},
        	"properties" : {			
            "time": {"type": "date"}			
				}
			}
		}
}

Now problem is when I am configuring an index pattern in kibana 4.1.1 based on time field I got nothing in the discover tab , even I tried to search it for this year.Please suggest what i am missing .

2

Is the data not showing up under any time interval?

3

@Court Nope , it's blank .

4

Sorry !! I would have mentioned that with above mapping I am not even see time field in the Kibana drop down while I am creating Index pattern.

I can only see it when I am converting Epoch to a certain date format . So I should ask first , how I can show this Epoch time(time) in the Kibana drop down without changing it to a certain date format?

5

OK, so what I observed when I change mapping like

PUT clust
{
"mappings": {
"clust": {
"properties": {
"time": {
"type": "date",
"format": "yyyy-MM-dd"
}
}
}
}
}

I can see time field in the kibana drop down , but again no data or document at any time interval in kiaban discover tab. What I conclude , since i am using "format": "yyyy-MM-dd" for time field which is Epoch , they are not mapped ? Please suggest what would be the best format for my epoch time ?

6

Finally I figured it out , the problem was with Epoch Seconds format . Found solution here

7

Thanks for updating this with your resolution. I'm sure this will be helpful for other folks as well.