识别Kibana和ElasticSearch中的时间戳 [英] Recognising timestamps in Kibana and ElasticSearch

问题描述

我是ElasticSearch和Kibana的新手，无法让Kibana识别我的时间戳。

我有一个JSON文件，使用Curl插入Elasticsearch。以下是其中一个JSON条目的示例。

  {index：{_ id：63}} 
 {account_number：63，firstname：Hughes，lastname：Owens，email：hughesowens@valpreal.com，_timestamp：2013-07-05T08： 49：30.123} 
  

我尝试使用命令在Elasticsearch中创建一个索引：

  curl -XPUT'http：// localhost：9200 / test /'
  

然后我尝试为时间戳设置适当的映射：

  curl -XPUT'http：// localhost：9200 / test / container / _mapping'-d'
 {
container：{
_timestamp：{
_timestamp：{enabled：true，type：date，format：date_hour_minute_second_fraction，store：true} 
} 
} 
}'
  

// http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/mapping-date-format.html

然后我尝试批量插入我的数据：

  curl -XPOST'localhost：9200 / test / container / _bulk？pretty'--data-binary @ myfile.json 
  

所有这些命令运行没有故障，但是当在Kibana中查看数据时，无法识别_timestamp字段。通过时间戳进行排序不工作，并尝试使用不同的时间段过滤数据不起作用。任何关于为什么这个问题发生的想法是受人尊敬的。

解决方案

管理以解决问题。所以对于有这个问题的任何人：

我们保存日期的格式不正确，需要：

 _ timestamp：2013-07-05 08：49：30.123
  

那么我们的映射需要是：

  curl -XPUT'http：// localhost：9200 / test / container / _mapping'-d'
 {
container：{
_timestamp：{enabled：true，type：date，format yyyy-MM-dd HH：mm：ss.SSS，store：true，path：_timestamp} 
} 
}'
  
 
 
 
希望这有助于某人。
 
I'm new to ElasticSearch and Kibana and am having trouble getting Kibana to recognise my timestamps.

I have a JSON file with lots of data that I wish to insert into Elasticsearch using Curl. Here is an example of one of the JSON entries.
{"index":{"_id":"63"}}
{"account_number":63,"firstname":"Hughes","lastname":"Owens", "email":"hughesowens@valpreal.com", "_timestamp":"2013-07-05T08:49:30.123"}
I have tried to create an index in Elasticsearch using the command:
curl -XPUT 'http://localhost:9200/test/'
I have then tried to set up an appropriate mapping for the timestamp:
curl -XPUT 'http://localhost:9200/test/container/_mapping' -d'
{
"container" : {
"_timestamp" : {
"_timestamp" : {"enabled: true, "type":"date", "format": "date_hour_minute_second_fraction", "store":true}
}
}
}'
// format of timestamp from http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/mapping-date-format.html

I then have tried to bulk insert my data:
curl -XPOST 'localhost:9200/test/container/_bulk?pretty' --data-binary @myfile.json
All of these commands run without fault however when the data is viewed in Kibana the _timestamp field is not being recognised. Sorting via the timestamp does not work and trying to filter the data using different periods does not work. Any ideas on why this problem is occuring is appricieated. 
解决方案
Managed to solve the problem. So for anyone else having this problem:

The format we had our date saved in was incorrect, needed to be :
"_timestamp":"2013-07-05 08:49:30.123"
then our mapping needed to be:
curl -XPUT 'http://localhost:9200/test/container/_mapping' -d'
{
"container" : {
"_timestamp" : {"enabled": true, "type":"date", "format": "yyyy-MM-dd HH:mm:ss.SSS", "store":true, "path" : "_timestamp"}
}
}'
Hope this helps someone.

                        
这篇关于识别Kibana和ElasticSearch中的时间戳的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！