Hello,
I'm using curl directly from the Linux CLI.
The configuration is correctly applied because when I do
curl -XGET http://localhost:9200/ubilogs-mbr/_mapping
I get this:
{
"ubilogs-mbr": {
"mappings": {
"logs": {
"dynamic": "strict",
"_timestamp": { "enabled": true,
"format": "yyyy-MM-dd HH:mm:ss" },
"properties": {
"action": {
"type": "string",
"index": "not_analyzed",
"store": true,
"doc_values": true
},
"application": {
"type": "string",
"index": "not_analyzed",
"store": true,
"doc_values": true
},
"attack": {
"type": "string",
"index": "not_analyzed",
"store": true,
"doc_values": true
},
...
}
}
}
}
}
On Tue, Apr 7, 2015 at 7:24 PM, David Pilato david@pilato.fr wrote:
Are you doing that using curl or any interface within your browser?
If the later, can you try again with curl or Marvel/Sense.
If it does not work, gist a full script.
BTW what is your version?
--
David 
Twitter : @dadoonet / @elasticsearchfr / @scrutmydocs
Le 7 avr. 2015 à 18:20, Antoine Brun abr@ubiqube.com a écrit :
Hello,
I'm trying to use the timestamp feature to automatically add a timestamp
to the newly indexed doc.
Since we are already indexing document without timestamp I figured out
that I could simply execute:
curl -XPUT 'http://localhost:9200/ubilogs-mbr/_mapping/logs' -d '{
"logs" : {
"_timestamp" : {
"enabled" : true,
"stored" : true,
"format": "YYYY-MM-dd HH:mm:ss.SSS"
}
}
}'
and the next document to be indexed will have the _timestamp field added.
But when I search for the doc with, for example:
{"fields":["_timestamp"],"query":{"match_all":{}}}
I only get
{
- "_index": "ubilogs-mbr",
- "_type": "logs",
- "_id": "AUyVGpmfoHcL_d0dTPU4",
- "_score": 1
}
no _timestamp field here.
Is there anything else to do?
Is my understanding correct: ES cluster will automatically generate a
default _timestamp with the time when the doc is indexed?
Antoine
--
You received this message because you are subscribed to the Google Groups
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an
email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/6a82defe-a17e-4b41-977a-584da43a41ad%40googlegroups.com
https://groups.google.com/d/msgid/elasticsearch/6a82defe-a17e-4b41-977a-584da43a41ad%40googlegroups.com?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to a topic in the
Google Groups "elasticsearch" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/elasticsearch/JX95IGNBjt0/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/elasticsearch/423AA837-8789-4123-BE16-7A130ED183A1%40pilato.fr
https://groups.google.com/d/msgid/elasticsearch/423AA837-8789-4123-BE16-7A130ED183A1%40pilato.fr?utm_medium=email&utm_source=footer
.
For more options, visit https://groups.google.com/d/optout.
--
Antoine
--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAGUV-q-qzr3S28tBAxjF3nxEzkTgJdOQeF3SsYGPRbeJeP0%3D1A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.