I think the code would be something like:
filter {
ruby {
code => "event['local_time'] = event['@timestamp'].localtime('+01:00')"
}
}
But I'm unsure how to get that value in a new field
I think the code would be something like:
filter {
ruby {
code => "event['local_time'] = event['@timestamp'].localtime('+01:00')"
}
}
But I'm unsure how to get that value in a new field
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.