How do you handle time keys?

[kayrus]

I need to store timestamps under "time" key for Kibana. But journald logs appear with @timestamp key. Which results in empty search results in Kibana, until I remove the index and set it to @timestamp key.

[errm]

TBH I can't really remember how kibana works with this, we stopped using it about 6 months ago.

Is it possible to configure the key used for timestamps?

As far as I remember all we needed to do to have kibana play nicely was set the strip_underscores option to true.

If you need something custom for a reason you should be able to change stuff with a plugin like https://github.com/repeatedly/fluent-plugin-record-modifier