On One of the crucial key things when working with time based data is the timestamp that represents the moment when the event was generated. Logsene assumes that expects the time of the event will to be provided in the @timestamp field. The following formats @timestamp value formats are currently supported by Logsene when it comes to the @timestamp field:
- ISO Date date with timezone information, for example:
- 2016-06-22T10:00:00Z
- 2016-01-04T15:30:10.474+00:00
- 2016-01-04T15:30:10,474+00:00
- 2016-06-22T10:00:00.000Z
- 2016-06-22T10:00:00,000Z
- 2016-06-22T10:00:00Z
- 2016-06-22T10:00:00.298Z
- 2016-06-22T10:00:00.298
- Timezone specified by using +/- notation, for example:
- 2014-03-23T22:04:23-0400
- Default Log4j date and time format, for example:
- 2016-06-24 10:38:09,758
- 2016-06-24 10:38:09
- Time since epoch, for example:
- 1466595234226
- Greylog date format, for example:
- 1385053862.3072
- 1444128321.426
- 2015-11-13T09:21:45.298
Please keep in mind that you can also omit sending the @timestamp field along with your data sent to Logsene. Logsene will generate the value of the @timestamp field automatically. In such cases the time of the event will be set to the time note:
- if @timestamp field is not provided Logsene will set @timestamp to the time when the event is received by Logsene.
- if time specified in @timestamp does not include timezone information, Logsene will assume UTC.