Date filter - timestamp & @timestamp are diffrent

ssasporta · July 29, 2017, 2:34am

Hi,

The timestamp in the log is : 26/Jul/2017:00:00:00

I defined a pattern: HTTPDATE %{MONTHDAY}/%{MONTH}/%{YEAR}:%{TIME}

In the grok I have it : %{HTTPDATE:timestamp}

And this is the filter I do:

        date {
              match => [ "timestamp" , "dd/MMM/YYYY:HH:mm:ss" ]
        }

The results in output:

  "timestamp" => "26/Jul/2017:00:00:00",

  "@timestamp" => 2017-07-25T21:00:00.000Z,

Why isn't it the same? Any idea?

Thanks
Sharon.

magnusbaeck · August 11, 2017, 6:17pm

timestamp is local time and @timestamp is UTC.

system · September 8, 2017, 6:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash filter date Logstash	3	283	November 11, 2018
@TimeStamp of logstash Kibana	2	243	October 2, 2019
Timestamp => @timestamp Logstash	17	4043	June 14, 2017
@timestamp not matching date parsed, apache logs Logstash	3	2799	July 6, 2017
Filter "Date" not applying to @timestamp Logstash	3	334	May 10, 2019