...
- [log_id] : the log id. This id IS UNIQUE per time event, per facet value and field, and is generated from these 3 values. The time event, which is "daily" by default, corresponds to the unit that will be used to visualize data in Kibana. For example, with the default "daily" unit, you will have one Elasticsearch document per facet value and field, per day. If you set the time event unit to "hourly", you will have one Elasticsearch document per facet value and field, per hour. The time event unit can be changed in the code. The reason behind this is the [DEPRECATED] ELK.
- [timestamp] : the timestamp of the log. It is formatted and could be different from the log4j timestamp, so it is mandatory.
- [num_doc] : the number of documents found according to the facet
- [facet_value] : the facet value
- [facet_field] : the facet field used, in relation with the facet value
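
The following is an added example, not the project's own code, showing how an id derived from the time event, facet field and facet value yields one document per bucket. It assumes the id is a SHA-256 over those 3 values and that it is used as the Elasticsearch document id; the function names and sample logs are constructed for illustration.

```python
import hashlib
from datetime import datetime, timezone

# Truncation format per time event unit (assumed names, after the page's "daily"/"hourly").
UNIT_FORMATS = {"daily": "%Y-%m-%d", "hourly": "%Y-%m-%dT%H"}


def time_bucket(ts, unit="daily"):
    """Truncate a timestamp to the configured time event unit (in UTC)."""
    if unit not in UNIT_FORMATS:
        raise ValueError(f"unsupported time event unit: {unit}")
    return ts.astimezone(timezone.utc).strftime(UNIT_FORMATS[unit])


def make_log_id(ts, facet_field, facet_value, unit="daily"):
    """Deterministic id from the 3 values (hash construction is an assumption).

    Each part is length-prefixed so ("ab", "c") and ("a", "bc") cannot
    produce the same id, which plain concatenation would allow.
    """
    parts = [time_bucket(ts, unit), facet_field, facet_value]
    material = "".join(f"{len(p.encode('utf-8'))}:{p}|" for p in parts)
    return hashlib.sha256(material.encode("utf-8")).hexdigest()


def index_documents(logs, unit="daily"):
    """Simulate indexing by id: a later log with the same id replaces the earlier one."""
    index = {}
    for log in logs:
        doc_id = make_log_id(log["timestamp"], log["facet_field"], log["facet_value"], unit)
        index[doc_id] = {**log, "log_id": doc_id}
    return index


def _ts(day, hour, minute=0):
    return datetime(2024, 3, day, hour, minute, tzinfo=timezone.utc)


# Constructed sample logs (not from the page).
SAMPLE_LOGS = [
    {"timestamp": _ts(1, 9), "facet_field": "source", "facet_value": "web", "num_doc": 120},
    {"timestamp": _ts(1, 17, 30), "facet_field": "source", "facet_value": "web", "num_doc": 150},
    {"timestamp": _ts(1, 17, 45), "facet_field": "source", "facet_value": "db", "num_doc": 40},
    {"timestamp": _ts(2, 9), "facet_field": "source", "facet_value": "web", "num_doc": 90},
]
```

With the "daily" unit the two "web" logs of the same day share one id, so only the later count is kept; with "hourly" they stay separate documents.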
...