Menu
So I haven't been able to find anything in the Elasticsearch documentation regarding the meaning of using a @ prefix for field names (if there is a doc about this, my question might have an easy answer).
I've seen it used in cases where the field represents something about the log line - easy example being @timestamp, in the case of AWS Cloudwatch logs to AWS Elasticsearch Service it passes things like @log_group, @id, etc.
It would be interesting to know if using the @ symbol is simply a naming convention (someone decided to distinguish log line meta information from pertinent fields), or if there is some kind of functional difference in prefixing the field name with @.
Any insight (or answers)?
650
@ doesn't have a special meaning inside Elasticsearch.
Logstash uses this convention to define some "metadata" fields for the events, like @timestamp and @version.
96
Really i don't find any official documentation about this in Elasticsearch, but, i find that some libraries who uses Elasticsearch results points @ as a annotation, to specify what's the _timestamp for example.
For example, as explain in this issue, the Grafana uses the @timestamp annotation for default, and if you use a custom timestamp you will need to specify they.
41
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
