hi,
I want to extract date from a log file to another field in elastic search that is coming through logstash. My log file is like this
21 May 2018 12:13:32,025 INFO [org.jboss.as.configadmin] (ServerService Thread Pool -- 26) JBAS016200: Activating ConfigAdmin Subsystem
What I want is get the date field extracted using logstash and save it to elastic search. Any help would be appreciable.
Use a grok filter to extract fields (like the timestamp) and use a date filter to parse the timestamp into a standard format.
This is a standard setup for which there are countless examples, though probably not the exact log format you have.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.