Date config issue and removing GMT

Hello All,

I've been asked to find a log storage solution and i found one i love... :slight_smile:

The install of everything went great with zero errors and my initial imports were working but the Kibana functionality isn't there due to my horrible import method.

Log Format <netscaler.csv>

Config File

Other Info:
ELK Stack on Ubuntu server, geo-ip plugin, csv filter

The end goal would be to create a view to see dates and times a user logged in for auditing, but i believe the GMT-0500 is affecting this and needs to be removed.

tl;dr: I require assistance with parsing a log so i can show value to my colleagues in using ELK Stack as our logging solutions.

Cheers

The end goal would be to create a view to see dates and times a user logged in for auditing, but i believe the GMT-0500 is affecting this and needs to be removed.

What's the current result that you're getting? What do you expect to get instead?

Hey Magnus,

The current result is: [DetectionTime:Thu Jan 4 15:55:58 GMT-0500 2018] and the detection time is a string and not a date.

It will not allow me to choose DetectionTime as a date, my belief is this is due to the GMT-0500 in the DTS.

Cheers

Seems like the date filter isn't working then. If it fails to parse a timestamp string it'll give clues about where the parsing failed in the Logstash log.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.