Returning the timestamp field in elasticsearch

Question

Why can I not see the _timestamp field while being able to filter a query by it?

The following query return the correct documents, but not the timestamp itself. How

Answer 1

It is not necessary to store the timestamp field, since its exact value is preserved as a term, which is also more likely to already be present in RAM, especially if you are querying on it. You can access the timestamp via its term using a script_value:

{
    "query": {
        ...
    },
    "script_fields": {
        "timestamp": {
            "script": "_doc['_timestamp'].value"
        }
    }
}

The resulting value is expressed in miliseconds since UNIX epoch. It's quite obscene that ElasticSearch can't do this for you, but hey, nothing's perfect.