On of the crucial things when working with time based data is the moment when the event was generated. Logsene assumes that the time of the event will be provided in the @timestamp field. The following formats are currently supported by Logsene when it comes to the @timestamp field:
- ISO Date with timezone information, for example
- 2016-06-22T10:00:00Z
- 2016-01-04T15:30:10.474+00:00
- 2016-01-04T15:30:10,474+00:00
- 2016-06-22T10:00:00.000Z
- 2016-06-22T10:00:00,000Z
- 2016-06-22T10:00:00Z
- 2016-06-22T10:00:00.298Z
- 2016-06-22T10:00:00.298
- Timezone specified by using +/- notation, for example:
- 2014-03-23T22:04:23-0400
- Default Log4j date and time format, for example:
- 2016-06-24 10:38:09,758
- 2016-06-24 10:38:09
- Time since epoch, for example:
- 1466595234226
- Greylog date format, for example:
- 1385053862.3072
- 1444128321.426
- 2015-11-13T09:21:45.298
Please keep in mind that you can also omit sending the @timestamp field along with your data sent to Logsene. Logsene will generate the value of the @timestamp field automatically. In such cases the time of the event will be set to the time when the event is received by Logsene.