Log Order Inconsistency in ElasticSearch and Kibana due to Timestamp Precision Mismatch #1151
Description
Describe your use-case which is not covered by existing documentation.
By default, Elasticsearch supports timestamps with millisecond precision. However, the OpenTelemetry plugin captures logs with nanosecond precision. This mismatch can result in logs appearing out of order when retrieved or viewed, especially in high-throughput scenarios where many log lines are generated within the same millisecond but differ at the nanosecond level.
This behavior is primarily observed when Elasticsearch is configured with default timestamp mapping (millisecond precision), causing multiple log entries with distinct nanosecond-level timestamps to be ingested with the same millisecond timestamp. As a result, the original order of logs may not be preserved.
From version 7.0 onwards, Elasticsearch has added support for nanosecond-precision timestamps.
Relevant references:
Journey to support nanosecond timestamps in Elasticsearch
Elasticsearch documentation: date_nanos mapping
It should be possible to configure the OpenTelemetry Collector and Elasticsearch (or other observability backends) to support nanosecond-precision timestamps in order to preserve the correct order of log entries.
Reference any relevant documentation, other materials or issues/pull requests that can be used for inspiration.
No response
Are you interested in contributing to the documentation?
Yes