The date filter fails for [DataRow][created_at] (_dateparsefailure) , but if I copy the field [DataRow][created_at] to [rubentest] and use date on that it works.
I'm guess I'm using the wrong syntax to access nested field in date filter but I don't understand what I'm doing wrong.
I wonder if this has something to do with the jdbc input because I tried with the generator input plugin instead of the jdbc input plugin and I there I can parse the field ok:
I suspect that the when I'm using the jdbc input the [DataRow][created_at] is not a string it must be represented some other way and it's only printed as "2024-12-12T10:29:57.832Z" when it's serialized in JSON lines.
I can't find any description of the jdbc input plugin maps the timestamp/datetime columns in jsql to logstash, but I'm the [DataRow][created_at] is a "Logstash Timestamp object" and not a string. And logstash knows how to convert the Logstash::Timestamp object to a string at the output.
That is correct. The jdbc input automatically converts datetime columns to LogStash::Timestamp objects. You would see a difference when using a rubydebug codec on the output. Instead of "2024-12-12T10:29:57.832Z" a LogStash::Timestamp would be 2024-12-12T10:29:57.832Z, without quotes.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.