Hello Guys,when i trying to pushing data inside the Elasticsearch. that time data take place inside the elastic with current timestamp. but i wanna set event in the elastic with given time.for achieving this i try this one. but didn't get success:
Page 1 / 1
Doesn't Elastic use @time instead of _time?
internally elastic using @timestamp but i think _time mapping with the @timestamp
`_time` is automatically mapped to `@timestamp`;, but it should be in the format `<seconds>.<milliseconds>`. If you want it to be in ISO8601 like Elastic wants, you can set `@timestamp`; directly in that format.
yes,i tried this one but `_time` always taking the current time in `miliseconds` when insert in the elastic. not going to map on the required time
Output:-
unable to find the any datetime field
Configuration :-
<@U023CN0RVMZ> if you haven't created an <https://www.elastic.co/guide/en/elasticsearch/reference/current/index-templates.html|index template> for your index pattern, the field will be mapped as `long` field, because Elasticsearch's <https://www.elastic.co/guide/en/elasticsearch/reference/current/dynamic-mapping.html|dynamic mapping>, recognises it as a number rather than a date, so it won't show up as a timestamp field.
<@U04PBMSJVHQ>,is there any way to set Elasticsearch `@timestamp`; from cribl side ?
Thank you team for the support,i have resolved the issue using this:-
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.