You have 2 timestamp fields: @timestamp, and timestamp. Looks like the timestamp field is the one that cannot be parsed. I see this value in the first doc: "timestamp":"Mar 13 12:15:39". You either need to format this properly from the LS side, or use the right date format on the ES side.
-- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/1a60d95c-f959-4f64-9307-c0aa4ce7e2f3%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
