Kibana Timestamp Format

jakelaws · December 5, 2017, 2:03pm

Hi,

I am currently have NiFi ingesting data into our elastic search environment. We are trying to get elastic to recognize the timestamp format '2017-12-04 18:25:30.114000+00:00' but no matter what we have tried it fails.

I have tried loading it into a new index and seeing if selecting "Index contains time-based events", if it would have it as an option, and it did not.

I also tried pre-formatting the index with things such as:
PUT {index}
{
"mappings": {
"{typeName}": {
"properties": {
"{fieldName}" : {
"type": "date",
"format": "yyyy-MM-dd HH:mm:ss.SSSSSSZZ"
}
}
}
}
}

also tried format: strict_date_optional_time

This also did not work and then when trying to import the data into this index I would receive Illegal Argument exception, invalid format.

Please advise on how to get this timestamp format recognized.

Thank you.

Christian_Dahlqvist · December 5, 2017, 2:22pm

Timestamps in Elasticsearch are limited to millisecond precision, so I wonder if that could be contributing?

jakelaws · December 5, 2017, 3:32pm

I tried changing it to "2017-12-05 15:26:04 UTC" with still no luck. Was not recognized in time based field events drop down.

I tried preformatting with

PUT rest_services
{
"mappings": {
"jmsRunTime": {
"properties": {
"@timestamp" : {
"type": "date",
"format": "yyyy-MM-dd HH:mm:ss ZZ"
}
}
}
}
}

With still no luck. Please advise.

jakelaws · December 7, 2017, 12:22am

Any update on this?

system · January 4, 2018, 12:23am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.