Windows Event Viewer Json Date format value


#1

I'm trying to add evtx (Windows event logs) to ES; for that I'm using a map. When I convert the event log to JSON with PowerShell, the 'TimeCreated' output comes out as below.

"TimeCreated":"/Date(1512629819348)/"

In the map I coded the format as below:

"TimeCreated":{"type":"date",
"format":"epoch_millis",
"ignore_malformed": true},

After uploading the data to ES and adding the index to Kibana, it showed the 'TimeCreated' field to select when creating the time filter. But when I try Discover it won't show any records. If I create the index without the date filter, the data is there and the date field contains all the proper data.

If I manually change the TimeCreated value in the JSON as below, it works.

"TimeCreated":"1512629819348"

How can I pass the default JSON-converted date output format to ES so that it appears in Kibana Discover?

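The "/Date(1512629819348)/" wrapper in the question is how Windows PowerShell's ConvertTo-Json serialises a .NET DateTime: the digits are milliseconds since the Unix epoch, which is exactly what the epoch_millis mapping wants once the wrapper is stripped. The script below is an added example, not code from the thread; it post-processes the exported JSON into values the mapping above accepts and emits a _bulk body. The index name "winevtx", the extra "TimeCreatedIso" field and the sample events are constructed for the example.

```python
import json
import re
from datetime import datetime, timezone

# ConvertTo-Json writes a .NET DateTime as "/Date(<millis>)/"; millis are since the
# Unix epoch in UTC, and a leading minus sign is possible for pre-1970 dates.
DOTNET_DATE = re.compile(r"^/Date\((-?\d+)\)/$")

# Constructed sample: two events as ConvertTo-Json would emit them (fields trimmed).
SAMPLE_JSON = """[
  {"Id": 4624, "TimeCreated": "/Date(1512629819348)/", "Message": "An account was successfully logged on."},
  {"Id": 4625, "TimeCreated": "/Date(1512629820001)/", "Message": "An account failed to log on."}
]"""


def dotnet_date_to_millis(value):
    """Return the epoch-millisecond integer inside a "/Date(...)/" string, or None otherwise."""
    if not isinstance(value, str):
        return None
    match = DOTNET_DATE.match(value)
    return int(match.group(1)) if match else None


def millis_to_iso8601(millis):
    """Render epoch milliseconds as a UTC ISO-8601 string (integer maths, no float rounding)."""
    seconds, fraction = divmod(millis, 1000)
    stamp = datetime.fromtimestamp(seconds, tz=timezone.utc)
    return stamp.strftime("%Y-%m-%dT%H:%M:%S.") + f"{fraction:03d}Z"


def normalize_events(raw_json, field="TimeCreated"):
    """Parse ConvertTo-Json output and rewrite `field` to a plain epoch_millis number.

    Events whose date is missing or not in the /Date()/ form are left untouched (so the
    mapping's ignore_malformed decides) and their Ids are returned for inspection.
    """
    events = json.loads(raw_json)
    skipped = []
    for event in events:
        millis = dotnet_date_to_millis(event.get(field))
        if millis is None:
            skipped.append(event.get("Id"))
            continue
        event[field] = millis                              # numeric epoch_millis for the mapping
        event[field + "Iso"] = millis_to_iso8601(millis)   # human-readable copy (assumed field)
    return events, skipped


def to_bulk_ndjson(events, index="winevtx"):
    """Serialise events as the newline-delimited body the _bulk API expects."""
    lines = []
    for event in events:
        lines.append(json.dumps({"index": {"_index": index}}))
        lines.append(json.dumps(event))
    return "\n".join(lines) + "\n"
```

Run it over the file ConvertTo-Json produced and POST the returned body to _bulk; events listed in `skipped` are the ones whose TimeCreated would otherwise be silently dropped by ignore_malformed.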

(system) #2

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.