Convert logstash date sting

Charaf_Ahmed · August 19, 2018, 8:38am

Hello,

I am not blocked on a problem of conversion of string in date timestamp.
Indeed, I have a filebeat that reads a json file already made and sends it to logstaash. and at the logstash level, I wanted to convert the timestamp field to date so that it takes into account the date of the log and not the indexing date of the data in the database.

here is the output of logstash :

   "full_log" => "Aug  1 02:02:15 xxxx sshd[12571]: Failed password for root from 1.1.1.1 port 3 ssh2",
    "predecoder" => {
           "timestamp" => "Aug  1 02:02:15",
        "program_name" => "sshd",
            "hostname" => "xxxxx"
    },
        "offset" => 3,
    "@timestamp" => 2018-08-19T08:24:26.705Z 
    }

The changes I made at the logstash level did not do anything

date{
	match => ["timeestamp", "YYYY-MM-dd HH:mm:ss", "YYYY/MM/dd HH:mm:ss +0200"]
	target => "@timestamp_new"
	timezone => "UTC"
}

What should I change to solve my problem? Thank you

Badger · August 19, 2018, 2:19pm

Are you trying to parse [precoder][timestamp]?

system · September 16, 2018, 2:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Conver String to date (or replace @timestamp) (SOLVED) Logstash	13	20005	July 6, 2017
Convert String to Date Elasticsearch	1	251	August 12, 2021
How to convert String to Timestamp Logstash	2	961	February 18, 2019
Unable to convert timestamp to Date field Logstash	13	3120	March 20, 2018
Convert field containing a timestamp from string to a date / time or timestamp? Logstash	48	6634	April 6, 2021

Convert logstash date sting

Related topics