elasticsearchtimekibanaopensearchopensearch-dashboards

How to create a date histogram in Kibana?


I want to create a date histogram with opensearch dashboards. The time format of my data is YYYY-MM-DD HH:mm:ss.SSS, which I have set under Stack Management > Advanced Settings > Date Format. I get an error like this: enter image description here

Under Discover, I can sort by "date", as it is of type "float". My field "timestamp", by which I would like to sort, is of type "string", and I cannot change this via the API:

{"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"mapper [timestamp] cannot be changed from type [text] to [date]"}],"type":"illegal_argument_exception","reason":"mapper [timestamp] cannot be changed from type [text] to [date]"},"status":400}

I'm stuck, can someone please help?


Solution

  • To use a field for date histogram aggregation, the field type should be a date. Unfortunately, it's not possible to change the field type from Kibana => Stack management.

    Here is some solution for your case:

    1. Use Histogram aggregation
    2. Set the field type and re-index the data

    Here are the steps for the second option.

    #Check the mapping old_index = your existing index name

    GET old_index

    #Put the new mapping before reindexing

    PUT new_index
    {
      "mappings": {
        "properties": {
          "timestamp": {
            "type": "date",
            "format": ["YYYY-MM-DD HH:mm:ss.SSS"]
          }
        }
      }
    }
    

    #reindex the data

    POST _reindex?wait_for_completion=false
    {
      "source": {
        "index": "old_index"
      },
      "dest": {
        "index": "new_index"
      }
    }