Date processor on ingest node not working

King_Duenas · October 10, 2018, 10:20am

Hi, I want to replace the "@timestamp" date with the timestamp date of the logs.

my logs format:
2018-09-13 09:53:15,547 [Process-333016][Thread-4] Browser.Info(158) INFO - [CCB 6217003360005849707] page status: complete

i have tried this,

PUT /_ingest/pipeline/logpipeline2
{
"description" : "Pipeline for logs from filebeat2",
"processors": [
{
"grok": {
"field": "message",
"patterns": ["%{TIMESTAMP_ISO8601:logtimestamp} (?< message >(.|\r|\n)*)"]
},
"date" : {
"field" : "logtimestamp",
"target_field" : "@timestamp",
"formats" : ["YYYY-MM-dd HH:mm:ss,SSS"]
}
}
]
}

cant find what is the issue becuase theres no errors shows on elastisearch.log and on filebeat.log.

anyone encounter the same issue?

system · November 7, 2018, 10:20am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat - Ingest Node - Parsing Date Beats filebeat	2	1109	July 16, 2018
Converting Date-String into Date with Ingest-pipeline not working Elasticsearch ingest-pipeline	2	1140	July 30, 2021
Elasticsearch Date Processor not parsing properly Elasticsearch	4	436	November 20, 2019
Date processor error Elasticsearch ingest-pipeline	4	440	August 17, 2021
Filebeat not sending logs to elasticsearch when pipeline is configured in filebeat.yml Beats filebeat	2	841	February 20, 2020

Date processor on ingest node not working

Related topics