Seems like a silly question but I'm not getting the result I want.
I have millions of documents being indexed in ES coming from Logstash and I'm always depending on the 'default' mappings and I'm happy to see a @timestamp field with the date/time stamp of the indexing time. I also have documents (coming from logs files) where I 'translate' the date/time stamp from the log record into the @timetamp in the final document (done in Logstash).
Now I need to generate documents for storage in ES and I need to use the Linux CLI curl to do this. The documents may be generated with a timestamp different from the current time. I don't find a way to do this in ES 5.x. How do I do something like:
curl -H "Content-Type: application/json" -XPOST "host:9200/metrics-${today}/metric/" -d "{
"metric_name": "queue.depth",
"metric_value_int": 10,
"@timestamp": 1497446650
}"
Apparently I can't use @timestamp or _timestamp and using 'timestamp' simply creates a field by that name. Note, the actual timestamp format (in this example epoch seconds) isn't important...