CSV EPOCH to Timestamp

teamg · May 15, 2019, 8:35pm

I have a csv file with contents similar to this:

UNIT_ID,Serial_Number,TIME
UNIT4690,MMC3430089,1557866550
UNIT4691,MMC3500092,1557866545
UNIT4692,MMC5100135,1557866546

This first line are the column names. The TIME column is the EPOCH time of the record retrieval. I'm able to ingest it into Elastic via Logstash but I want the @timestamp to be the time in the TIME column.

My filter is as follows:

filter {
csv {
separator => ","
columns => [ "UNIT_ID" , "Serial_Number" , "Query Date" ]
}
    date {
            match => [ "TIME" , "UNIX" ]
    }
}

When I ingest it now they all have the same @timestamp. What am I missing?

Badger · May 15, 2019, 8:50pm

You renamed the TIME column to field [Query Date] using the columns option of your csv filter.

teamg · May 16, 2019, 3:04pm

Sure did. Replacing it with TIME fixed the problem. Thanks again Badger.

system · June 13, 2019, 3:04pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Parse string to timestamp in csv Logstash	10	2948	April 5, 2019
Convert epoch time columns to date in lostash config file Logstash	3	285	September 7, 2020
Parsing date for @timestamp Logstash	3	266	March 18, 2020
Time to timestamp issue Logstash	11	1010	February 15, 2018
Logstash Time Column Issue Elasticsearch	2	9	September 17, 2024

CSV EPOCH to Timestamp

Related topics