Converting date format in logstash

Melvin_Moses · June 22, 2018, 1:13pm

I have to extract a date from a log file, need to convert it to another date format and save it to Elasticsearch. My logstash code is like this

filter {
grok{
patterns_dir => "./patterns"
match => [ "message", "%{pattern:timestamp} %{GREEDYDATA:message}" ]
}
}

My log file is like this

20-Jun-2018 11:08:22.137 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.31

What I want is I need to change the timestamp into another timezone and save it to Elasticsearch. Any help would be appreciable.

Badger · June 22, 2018, 2:27pm

Try

    dissect {
        mapping => { "message" => "%{ts} %{+ts} %{restOfLine}" }
    }
    date { match => [ "ts", "dd-MMM-yyyy YY:mm:ss.SSS" ] timezone => "Europe/Moscow" }

Note that all dates in elasticsearch are stored as UTC.

Melvin_Moses · June 25, 2018, 4:54am

What I want is not to change the timezone, but to change the time format like

dd-MMM-yyyy YY:mm:ss.SSS to yyy-MMM-dd YY:mm:ss.SSS

I have mapped my time index in Elasticsearch as like follows

PUT application_log
{"mappings": {
"doc": {
"properties": {

      "timestamp": {
        "type": "date",
        "format": "dd-MMM-yyyy HH:mm:ss.SSS"
          }
        }
      }
    }
  }
}

}
}

so I need to convert the date format from logstash

system · July 23, 2018, 4:54am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash changing date received from filebeat Logstash	4	543	July 30, 2018
How to change date format in logstash? Logstash	2	2161	December 31, 2020
How to special date time format to timestamp format Logstash	7	245	January 2, 2023
Date format in Elasticsearch Logstash	9	1253	December 16, 2021
How can I convert @timestamp from logstash to encoded format as YYYY-MM-DDThh:mm:ss.sss+/-hh:mm Logstash	12	547	November 25, 2022

Converting date format in logstash

Related topics