Date filter not working with AM | PM

sonukumarsah · May 8, 2019, 2:39pm

I have some log file for example this:

{logtimestamp: Mar 29, 2019 11:43:22:948 AM SEVERE: ############SESSION JVM }

As I want to use the timestamp in the log file, I use a data filter to match it

date {
match => ["logtimestamp","MMMM dd, yyyy hh:mm:ss a"]
target => "dateformat"
}

But when I look into Kibana, I didn't find "dateformat" index.

I also tried with this, but i didn't get
match => ["logtimestamp", "MMMM dd, yyyy HH:mm:ss:SSS"]
if i remove AM | PM then its working correct, but the problem is how we can identify when it happen.

Can somebody tells me how to fix this?

Badger · May 8, 2019, 2:58pm

You need to match the milliseconds too

match => ["logtimestamp", "MMM dd, yyyy hh:mm:ss:SSS a"]

sonukumarsah · May 9, 2019, 5:44am

thank you very much @Badger its working correct what i need exactly same.

system · June 6, 2019, 5:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date filter not working for AM/PM Logstash	3	6754	July 11, 2017
Date Filter from DD/MMM/YYYY:hh:MM:ss to @timestamp not working Logstash	3	1788	July 5, 2018
Kibana not recognizing logstash date filter Logstash	2	298	September 17, 2019
Data filter not working properly Logstash	5	443	November 15, 2018
Logstash Date Filter not working on Kibana Logstash	10	882	September 18, 2020

Date filter not working with AM | PM

Related topics