Kibana 4 does not see _timestamp field

Hi,

I'm pumping data into ElasticSearch (actually using rsyslog instead of
logstash) into a date-based index with a mapping that stores the
_timestamp. When I go in with Kibana 4.0.1 and start setting it up, it
sees the indexes, but the drop down where you select the time field name is
empty and it will not let me create it. Why is this?

I can create it if I uncheck the box that it's a time-based index and just
enter 'vip*' for the name, but that is not what I want. Below is the
mapping.

The 'timestamp' field inside 'properties' is a textual field from syslog
that is relatively useless for sorting, but it doesn't show up either.
Thanks for any input!

$ curl http://elastic.domain.com:9200/vip-2015-03-09/_mappings?pretty=1
{
"vip-2015-03-09" : {
"mappings" : {
"events" : {
"_timestamp" : {
"enabled" : true,
"store" : true
},
"properties" : {
"fac" : {
"type" : "string"
},
"msg" : {
"type" : "string"
},
"prog" : {
"type" : "string",
"store" : true
},
"severity" : {
"type" : "string"
},
"source" : {
"type" : "string",
"store" : true
},
"tag" : {
"type" : "string"
},
"timegenerated" : {
"type" : "string"
},
"timestamp" : {
"type" : "string"
}
}
}
}
}
}

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/88525ec9-6891-4b4a-acc6-a8aca30fabd0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

For the record, I had to add the _timestamp field into the meta-fields in
the Kibana advanced configuration settings ...

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/4b8bb9a0-8924-4265-8c31-ee70bc508612%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Thank you so much for posting this! Couldn't figure out how to get past
that first screen. Adding the name of my timestamp field into the
metaFields under Advanced solved it.

On Tuesday, March 17, 2015 at 3:39:21 AM UTC-7, Micah Yoder wrote:

For the record, I had to add the _timestamp field into the meta-fields in
the Kibana advanced configuration settings ...

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/91df5c2e-1c38-43e4-97ab-58f8f75be27a%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Are you able to apply time filters at kibana 4 dashboards after setting
_timestamp at metafields?

I'm using kibana 4.1 snapshot, _timestamp and setting time filter at top
right (eg. last 3 months to now) at a dashboard simply doesnt work.

On Thursday, March 26, 2015 at 7:51:45 AM UTC+2, ma...@coreyac.com wrote:

Thank you so much for posting this! Couldn't figure out how to get past
that first screen. Adding the name of my timestamp field into the
metaFields under Advanced solved it.

On Tuesday, March 17, 2015 at 3:39:21 AM UTC-7, Micah Yoder wrote:

For the record, I had to add the _timestamp field into the meta-fields in
the Kibana advanced configuration settings ...

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/e17e64ae-1554-4b7f-ab84-d357f51b70b4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.