_dateparsefailure

Lucifer_hbp · December 23, 2016, 8:17am

Hi,
How to write grok match for following date in logstash:
20161219T003209.939-05:00

I have tried following but it is giving "_dateparsefailure:"

date{
match => [ "timestamp" , "yyyyMMddHHmmss.SSSZ" ]
}

Any help please!!!

jsvd · December 23, 2016, 5:53pm

your format has T in the middle, so you need this instead:

filter { date { match => [ "message" , "yyyyMMdd'T'HHmmss.SSSZ" ] } }

Lucifer_hbp · January 2, 2017, 12:52pm

Sry for the delayed reply, this pattern worked

Thanks alot !!

system · January 30, 2017, 12:53pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
_dateparsefailure again Logstash	3	1148	June 27, 2017
_dateparsefailure csv date time YYYY-MM-dd HH:mm:ss Logstash	1	381	July 17, 2020
Dateparsefailure error logstash Logstash	1	196	June 30, 2021
Logstash Data parsing error - _dateparsefailure Logstash	3	2846	August 3, 2017
Logstash _dateparsefailure error Logstash	6	17316	July 6, 2017