Currently, the only allowed field for time search is the @timestamp (p_timestamp), but I had issues while ingesting historical data, because I have a custom field called _ingested which refers to when the log actually happened, but the "timeframe" only respects the p_timestamp. Also, I cannot change the default time partition field from the UI.

Since currently the time field is @timestamp - which refers to when the log arrived - it's not suitable for our needs.

The _ingested refers to a date in the past, and p_timestamp refers to when the data was captured. The issue is that I am collecting historical data into Parseable, but I cannot query historically.

Can you help me?