Hi,
I have date from logs in below format:
2018-10-06 04:25:43 EDT
how can I convert it using date filter. I tried
date {
match => { "Date", "yyyy-MM-dd HH:mm:ss ZZZ" }
target => ["@timestamp"]
}
however it produces _dateparsefailure error
Hi,
I have date from logs in below format:
2018-10-06 04:25:43 EDT
how can I convert it using date filter. I tried
date {
match => { "Date", "yyyy-MM-dd HH:mm:ss ZZZ" }
target => ["@timestamp"]
}
however it produces _dateparsefailure error
Any suggestions please ?
EDT isn't a supported timezone name. You can use a mutate filter's gsub option to replace the timezone names that you'll encounter in your logs with a UTC offset and use ZZ in the date pattern to parse it.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.