Skip to content
This repository has been archived by the owner on Jun 6, 2020. It is now read-only.

Doc: unsupported ns timestamp in ELK for log ordering #10

Closed
gberche-orange opened this issue Feb 6, 2018 · 3 comments
Closed

Doc: unsupported ns timestamp in ELK for log ordering #10

gberche-orange opened this issue Feb 6, 2018 · 3 comments
Labels
accepted

Comments

@gberche-orange
Copy link

https://github.com/cloudfoundry/cf-syslog-drain-release/blob/develop/README.md#log-ordering mentions

Diego uses a nanosecond based timestamp that can be ingested properly by both ELK and Splunk with the instructions linked.

However the referenced elastisearch date documentation only mentions milliseconds supports and elastic/elasticsearch#10005 explicitly mentions lack of nanosecond support.

Is this an issue in the documentation, or could the documentation be more precise about ELK nanos support (such as storing the seconds fraction in a distinct ES field than the date) ?
@cf-gitbot
Copy link

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/154954090

The labels on this github issue will be updated when the story is started.

thepeterstone added a commit that referenced this issue Feb 13, 2018
@thepeterstone
Update with ELK's precision limitations
e84c2eb 
Addresses feedback from #10
@thepeterstone
Copy link
Contributor

Hi @gberche-orange,

Thanks for pointing that out. We've updated the documentation to reflect ELK's millisecond-precision.

@gberche-orange
Copy link
Author

thanks @thepeterstone

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
accepted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@thepeterstone @gberche-orange @cf-gitbot