Hi. I've tried this as well but am still having the issue where the match string now matches the Time attribute rather than the log timestamp. My current config looks like so:
input {
  kafka {
    bootstrap_servers => "kafka02.company.net:9093"
    topics => ["Capsule_logs"]
  }
}
filter {
  grok {
    patterns_dir => ["/etc/logstash/patterns"]
    match => [ "message", "%{LOGTIMESTAMP:logTimestamp}" ]
  }
  date {
    timezone => "UTC"
    match => ["logTimestamp", "MMM d HH:mm:ss"]
    target => "logTimestamp"
  }
}
output {
  elasticsearch {
    hosts => ["https://user:password.deployment-logs.company.com:17825/"]
    ssl => true
    ssl_certificate_verification => true
  }
}
I tried the locale parameter which caused a dateparse error. I realize once this is working I'll have to add an additional match parameter for dd.
Thanks!