Update fluentd example (#1479)

markxnelson · web-flow · commit 8f6226fc73a1 · 2020-03-18T14:13:49.000-04:00
* update fluentd example

* updates based on review feedback
diff --git a/docs-source/content/samples/simple/elastic-stack/weblogic-domain/_index.md b/docs-source/content/samples/simple/elastic-stack/weblogic-domain/_index.md
@@ -120,6 +120,10 @@ data:
         format11 / <(?<severity>(.*?))>/
         format12 / <(?<messageID>(.*?))>/
         format13 / <(?<message>(.*?))>/
+        # use the timestamp field in the message as the timestamp
+        # instead of the time the message was actually read 
+        time_key timestamp
+        keep_time_key true
       </parse>
     </source>
     <match **>
@@ -131,6 +135,12 @@ data:
       index_name "#{ENV['DOMAIN_UID']}"
       scheme https
       ssl_version TLSv1_2
+      key_name timestamp 
+      types timestamp:time
+      # inject the @timestamp special field (as type time) into the record
+      # so you will be able to do time based queries.
+      # not to be confused with timestamp which is of type string!!!
+      include_timestamp true
     </match>
 EOF
 ```
