Converting string to date

FrankC · August 4, 2015, 4:15pm

Hi Aaron. I got it to work. Thanks for your help!!

For completeness I added the steps below.

1. Multiline filter to combine the multi line messages into one line

multiline {
patterns_dir => "path_to_grok_patterns"
pattern => "(^%{TOMCAT_DATESTAMP})|(^%{CATALINA_DATESTAMP})"
negate => true
what => "previous"
}

2. Parsed the message into separate fields using available patterns

grok {
patterns_dir => "path_to_grok_patterns"
match => { "message" => "%{CATALINA_DATESTAMP:timestamp} %{JAVACLASS:java_class} %{WORD:java_method}%{GREEDYDATA:error_msg}" }
}

3. Replaced the @timestamp logstash field with the timestamp data from the file

date {
match => [ "timestamp", "MMM dd, yyyy HH:mm:ss a" ]
}

Regards,
Frank

Topic		Replies	Views
Convert String to timestamp example Logstash	7	18668	April 28, 2017
How to convert string to date in logstash Logstash	2	1299	July 6, 2017
Unable to convert date from string/ change @timestamp value Logstash	15	1327	February 25, 2020
String to Date, besides default system @timestamp Logstash	3	852	July 6, 2017
How to convert field date from String to Date? Logstash	13	9343	April 20, 2020

Converting string to date

1. Multiline filter to combine the multi line messages into one line

2. Parsed the message into separate fields using available patterns

3. Replaced the @timestamp logstash field with the timestamp data from the file

Related topics