Declaring field types.

Grenage

Hi everyone,

I've got a box running Kibana and Elasticsearch, with the information being handed across by fluentd.  It's all working pretty well, and I've moved on to pushing Windows events through - which is where I'm struggling.

I'm using nxlog on a Windows machine, and it's pushing the data directly to Elasticsearch; unfortunately I cannot for love nor money get the date to be handled as a date rather than a string. The nxlog output is:

    URL    http://192.0.0.10:9200
    ContentType application/json
    Exec   set_http_request_path(strftime($EventTime, "/windowsevents-%Y.%m.%d/" + $SourceModuleName)); delete($EventReceivedTime); rename_field("timestamp","@timestamp"); to_json();

I create a new index with a pattern of `windowsevents*`, but the *EventTime* field is stated as a string, not a date, so I can't sort data by age.  *@timestamp* clearly isn't getting populated, as the *timestamp* field isn't being used.  Has anyone used a similar setup?  Is there a way to push the data on as a date?

Apologies if I've missed out pertinent information - it's all a bit new to me.
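Added example, not part of Grenage's post and not code from the nxlog or Elasticsearch projects: it mirrors the Exec line above on a constructed record (the request path nxlog builds, the delete and the rename), checks offline whether the record's date values would parse, and builds the index template body that maps *EventTime* and *@timestamp* as `date` for every `windowsevents-*` index. Assumptions: nxlog renders EventTime as `YYYY-MM-DD HH:MM:SS` (check a real record and adjust `DATE_FORMATS` if yours differ); the `legacy=True` template shape with a `_default_` type mapping is the 1.x/2.x-era `PUT _template/<name>` form that fits the per-type paths the Exec line writes to, and `legacy=False` produces the newer `index_patterns` form; the `strptime` patterns only approximate Elasticsearch's own date parser.

```python
import json
from datetime import datetime

# Constructed sample record, shaped like an nxlog Windows event after to_json().
# Assumption: EventTime is rendered as "YYYY-MM-DD HH:MM:SS".
SAMPLE_EVENT = {
    "EventTime": "2014-03-05 10:12:33",
    "EventReceivedTime": "2014-03-05 10:12:34",
    "Hostname": "WIN-EXAMPLE",
    "SourceModuleName": "eventlog",
    "EventID": 4624,
    "Message": "An account was successfully logged on.",
}

INDEX_PATTERN = "windowsevents-*"
# Elasticsearch date formats the mapped fields will accept (joined with "||").
DATE_FORMATS = ["yyyy-MM-dd HH:mm:ss", "strict_date_optional_time", "epoch_millis"]
# strptime approximations of the formats above, used only for the offline check.
_PY_FORMATS = ["%Y-%m-%d %H:%M:%S", "%Y-%m-%dT%H:%M:%S.%fZ", "%Y-%m-%dT%H:%M:%SZ",
               "%Y-%m-%dT%H:%M:%S", "%Y-%m-%d"]


def apply_nxlog_exec(event):
    """Mirror the post's Exec line on a dict: delete EventReceivedTime and rename
    'timestamp' to '@timestamp'. Returns a new dict. A record that carries no
    'timestamp' field comes back without '@timestamp', which matches what the
    poster observes in Kibana."""
    out = dict(event)
    out.pop("EventReceivedTime", None)
    if "timestamp" in out:
        out["@timestamp"] = out.pop("timestamp")
    return out


def request_path_for(event):
    """Mirror strftime($EventTime, "/windowsevents-%Y.%m.%d/" + $SourceModuleName)."""
    t = datetime.strptime(event["EventTime"], "%Y-%m-%d %H:%M:%S")
    return t.strftime("/windowsevents-%Y.%m.%d/") + event["SourceModuleName"]


def parses_as_date(value):
    """True if value would be accepted by one of the formats in DATE_FORMATS."""
    if isinstance(value, (int, float)):
        return True  # epoch_millis
    for fmt in _PY_FORMATS:
        try:
            datetime.strptime(value, fmt)
            return True
        except (ValueError, TypeError):
            pass
    return False


def check_event(event, date_fields=("EventTime", "@timestamp")):
    """Per mapped date field present in the record, report whether it would parse."""
    return {f: parses_as_date(event[f]) for f in date_fields if f in event}


def build_index_template(pattern=INDEX_PATTERN, date_fields=("EventTime", "@timestamp"), legacy=True):
    """Body for an index template mapping the given fields as 'date'.
    legacy=True: 1.x/2.x-era `PUT _template/<name>` shape with a _default_ type mapping,
    so it applies whatever type name nxlog puts in the request path.
    legacy=False: newer `index_patterns` shape with a typeless mapping."""
    props = {f: {"type": "date", "format": "||".join(DATE_FORMATS)} for f in date_fields}
    if legacy:
        return {"template": pattern, "mappings": {"_default_": {"properties": props}}}
    return {"index_patterns": [pattern], "mappings": {"properties": props}}


if __name__ == "__main__":
    print(request_path_for(SAMPLE_EVENT))
    print(check_event(apply_nxlog_exec(SAMPLE_EVENT)))
    print(json.dumps(build_index_template(), indent=2))
```

A template only affects indices created after it is installed, so it has to be in place before the next daily `windowsevents-YYYY.MM.DD` index is written; existing indices keep their string mapping until they are reindexed. Once *EventTime* is mapped as a date, the Kibana index pattern can use it as the time field, which sidesteps the unpopulated *@timestamp*.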