hi,
I want to extract date from a log file to another field in elastic search that is coming through logstash. My log file is like this
21 May 2018 12:13:32,025 INFO [org.jboss.as.configadmin] (ServerService Thread Pool -- 26) JBAS016200: Activating ConfigAdmin Subsystem
What I want is get the date field extracted using logstash and save it to elastic search. Any help would be appreciable.
Use a grok filter to extract fields (like the timestamp) and use a date filter to parse the timestamp into a standard format.
This is a standard setup for which there are countless examples, though probably not the exact log format you have.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.