I have to extract a date from a log file, need to convert it to another date format and save it to Elasticsearch. My logstash code is like this
filter {
My log file is like this
20-Jun-2018 11:08:22.137 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.31
What I want is I need to change the timestamp into another timezone and save it to Elasticsearch. Any help would be appreciable.
Badger
June 22, 2018, 2:27pm
2
Try
dissect {
mapping => { "message" => "%{ts} %{+ts} %{restOfLine}" }
}
date { match => [ "ts", "dd-MMM-yyyy YY:mm:ss.SSS" ] timezone => "Europe/Moscow" }
Note that all dates in elasticsearch are stored as UTC.
Badger:
dd-MMM-yyyy YY:mm:ss.SSS
What I want is not to change the timezone, but to change the time format like
dd-MMM-yyyy YY:mm:ss.SSS to yyy-MMM-dd YY:mm:ss.SSS
I have mapped my time index in Elasticsearch as like follows
PUT application_log
"timestamp": {
"type": "date",
"format": "dd-MMM-yyyy HH:mm:ss.SSS"
}
}
}
}
}
}
}
so I need to convert the date format from logstash
system
July 23, 2018, 4:54am
4
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.