Parsing multiple time series into Elasticsearch

tkkchan · April 14, 2021, 6:51am

Dear all,
I am not sure if this belongs to logstash... please correct me if not.
I have some data that contains a field which is a time series, of interval 60sec. Should I map it into a single ES document, or should I expand it as a whole index, or is there any field types in ES to deal with this?
Any hints or help would be appreciated.

An entry looks something like this:
... , timestamp, ... , 'loss': [-1, 0, 0, 0, 0, 0, 0, 0, 0, ...], 'latency': [-1, -1, -1, 0, 0, 0, 0, 0, 0, ...]

warkolm · April 14, 2021, 8:18am

If there is a single timestamp in the doc, then treat it as a single event. Even if it spans an interval of time.

system · May 12, 2021, 8:18am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to index different time formats into one field？ Logstash	1	294	December 24, 2018
ES timestamp from logstash collectd codec Logstash	5	617	June 2, 2017
Update timestamp of logs already indexed into ES Elasticsearch	3	329	September 15, 2019
Is timestamp field also indexed while storing time siries data like logs into an index? Elasticsearch	3	210	December 4, 2021
Update single fileds in a given document already stored in ES? Logstash	1	322	March 12, 2018

Parsing multiple time series into Elasticsearch

Related topics