Changing Time Format

Badger · July 7, 2021, 9:55pm

If you want those fields to be strings in a particular format then I suggest using a date filter to parse them into LogStash::Timestamp objects, then ruby and strftime to set the format you want. Something like this

date {
    match => [ "deviceCustomDate1", "M/d/YYYY h:mm:ss a" ]
    target => "[@metadata][deviceCustomDate1]"
}
ruby {
    code => '
        t = Time.at(event.get("[@metadata][deviceCustomDate1]").to_f)
        event.set("deviceCustomDate1", t.strftime("%b %d %Y %H:%M:%S"))
    '
}

Not sure if you want to replace %d with %-d or %e.

Topic		Replies	Views
Logstash date filter for @timestamp and conversion Logstash	5	580	September 12, 2019
@timestamp format while exporting from elasticsearch to csv Logstash	6	1072	March 5, 2021
How to change date format in logstash? Logstash	2	2162	December 31, 2020
Unable to change date format Logstash	4	329	March 1, 2022
Change timestamp format Logstash	2	444	June 3, 2019

Changing Time Format

Related topics