Hi All,
I'm new to elasticsearch and I've got a datetime/indexing problem.
I'm using Logstash 1.4.1, elasticsearch 1.2.0, and rabbitmq 3.3.1 in a
Window server environment.
My Shipper server - Server A - is setup with Logstash 1.4.1, elasticsearch
1.2.0. and amq
Server A input is a simple log file following the log4j format.
I've a date filter which works fine and I can see in stdout that I'm
setting the timestamp of the message correctly.
My indexing server - Server B - is setup with Logstash 1.4.1, elasticsearch
1.2.0 and amq
The problem is I've got tons of backlogs from previous weeks and I'd like
to see them in elasticsearch. Although my shipper is correctly setting the
@timestamp field to the datetime of my log file, I see that in
elasticsearch (indexing server) I'm indexing only for the current datetime.
Shouldn't I see index for all my backlogs?
Any help is appreciated..
Thanks,
Joey
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/dd1f4e34-c516-48bf-8dee-cac32907b540%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.