Hi,
I am new to logstash and playing around with it. I have a simple set-up in which I am forwarding logs using logstash-forwarder to logstash. Both logstash and logstash-forwarder are in the same machine.
My logstash config file is as below:-
input {
lumberjack {
port => 6782
ssl_certificate => "/home/d/Documents/logstash/ssl_key/logstash-forwarder.crt"
ssl_key => "/home/d/Documents/logstash/ssl_key/logstash-forwarder.key"
type => "lumberjack"
}
}
filter {
if [message] =~ /^\s*$/ {
drop { }
}
}
output {
stdout { codec => rubydebug }
}
My logststash-forwarder is like below:-
{
"network": {
"servers": [ "localhost:6782" ],
"ssl ca": "/home/d/Documents/logstash/ssl_key/logstash-forwarder.crt",
"ssl key" : "/home/d/Documents/logstash/ssl_key/logstash-forwarder.key",
"timeout": 15
},
"files": [
{
"paths": [ "-" ],
"fields": {
"type": "stdin",
"app" : "test"
}
}
]
}
When I enter a simple Hello in the logstash-forwarder stdin.
Hello
2015/07/16 15:22:25.426913 Registrar: processing 1 events
I get the below output in logstash console:-
{
"message" => "Hello",
"@version" => "1",
"@timestamp" => "2015-07-16T09:52:25.425Z",
"type" => "stdin",
"file" => "-",
"host" => "d-1383",
"offset" => "13",
"app" => "test"
}
When I execute date in the machine in which the logstash and logstash-forwarder is installed it produces the below output
Thu Jul 16 15:22:46 IST 2015
Can someone let me know how can I make @timestamp equal to the same timezone in which the event was generated? How can I make logstash make use local timezone of the machine in which it is running?