Hello,
I have time-based events in elasticsearch. When creating the index pattern, I define the time filter based on my timestamp. However, when I have more than one line with the same timestamp, only one persists. How to keep them both?
Thank you.
Francisca
I am not following your question. Could you provide an example with a screen shot and some more details? I am not sure what "when I have more than one line with the same timestamp, only one persists" is asking. What do you mean by "persists"?
Thank you. Using the timestamp I have in the file, I have more than one line with the same timestamp. Inserting those data in elastic and defining the timestamp as time filter it only "saves" one line per timestamp.
Changing the timestamp to the system timestamp (@timestamp) solved my problem, it start saving all lines.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.