Kibana 3 - unable to set "Time field" as "@fields.date"

Elastic Stack Elasticsearch
1

Hello,

The default "Time Field" setting in 'timepicker' panel of Kibana 3 is set
to as - @timestamp. I'd like to set this to @fields.date which would be the
exact timestamp in a log entry. But when I set it to @fields.date I get a
blank dashboard as seen in the attached screenshot 'kibana-3.png'. Please
advise.

Thanks,

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

2

There is no information regarding how your document looks like. What's
the mapping like? Does @fields.date exist? Is it mapped as a string or
as date?

On Thu, Oct 10, 2013 at 12:50 AM, subin ksubins321@gmail.com wrote:

Hello,

The default "Time Field" setting in 'timepicker' panel of Kibana 3 is set to
as - @timestamp. I'd like to set this to @fields.date which would be the
exact timestamp in a log entry. But when I set it to @fields.date I get a
blank dashboard as seen in the attached screenshot 'kibana-3.png'. Please
advise.

Thanks,

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
Regards,
Abhijeet Rastogi (shadyabhi)

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

3

Sorry for that. Yes, @fields.date do exist. My data would look like:

{"@source":"file://loghost/logs/remote/mail/mail.log","@tags":["mx-mail","mx-mail3"],"@fields":{"date":["Aug
5
00:24:10"],"host":["mx-mail3"],"service":["postfix/smtpd[11985]"],"program":["postfix/smtpd"],"pid":["11985"],"message":["connect
from
unknown[113.160.101.48]"]},"@timestamp":"2013-08-05T00:24:10-04:00","@source_path":"/logs/remote/mail/mail.log","@source_host":"loghost","@message":"connect
from unknown[10.0.4.27]","@type":"postfix"}

The mapping I use for these logs is -

Subin
*
*

On Thu, Oct 10, 2013 at 1:02 AM, Abhijeet Rastogi
abhijeet.1989@gmail.comwrote:

There is no information regarding how your document looks like. What's
the mapping like? Does @fields.date exist? Is it mapped as a string or
as date?

On Thu, Oct 10, 2013 at 12:50 AM, subin ksubins321@gmail.com wrote:

Hello,

The default "Time Field" setting in 'timepicker' panel of Kibana 3 is
set to
as - @timestamp. I'd like to set this to @fields.date which would be the
exact timestamp in a log entry. But when I set it to @fields.date I get a
blank dashboard as seen in the attached screenshot 'kibana-3.png'. Please
advise.

Thanks,

--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
Regards,
Abhijeet Rastogi (shadyabhi)

--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/eW5Hdz8uPjc/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.