I have the following setup: I have a Java tool which sends JSON messages to RabbitMQ. They look like this:
{
"a": 0,
"b": 1,
"c": 2
}
Now I use Logstash to read the RabbitMQ queue and store them into Elasticsearch, so I can analyze the data with Kibana. The JSON stored in Elasticsearch looks like this:
{
"a": 0,
"b": 1,
"c": 2,
"@version": "1",
"@timestamp": "2014-01-22T19:05:19.136Z"
}
I don't think the @timestamp field will be of any use for what I'm doing. When I use cURL to store the same JSON in Elasticsearch, only the @version field is there, the @timestamp field is not present. Is there any way to configure Logstash to not save @timestamp?