Hello,
I have this format of date,
Thu May 4 13:38:33 2017 DISCONNECT S248/15 host 192.168.54.63/3300 (192.168.54.63)
Did it's possible to transform it on "YYYY-MM-dd HH:mm:ss" ?
date ingest processor can process a String to extract a Date from it.
Is that what you mean?
In fact, my date format is like that :
Thu May 4 13:38:33 2017
And i want to transform it on YYYY-MM-dd HH:mm:ss.
Can we do transform it with the option "date" ?
Because I have a grok who extract perfectly each field of the date .
Why do you want to transform it as a String using this format YYYY-MM-dd HH:mm:ss instead of a Date that you can actually use to compute aggs or run range queries on it?
Because I want to replace my date in the timestamp, and i think that's it didn't work if the format is incorrect, right ?
But what for? I totally understood that you want to change Thu May 4 13:38:33 2017 to YYYY-MM-dd HH:mm:ss but do you intend to just store that field as a String or do you actually want to be able to use it (filter by date, date_histogram agg...)?
Yes, I want to be able to use it ((filter by date, etc) 
In fact, it's a file log.
I have 2 field, the timestamp which take the time when the upload file and the datestamp (the real log time).
I want to replace the timestamp by the datestamp
Then I'd use the Date Processor as I told in Date transform
https://www.elastic.co/guide/en/elasticsearch/reference/5.4/date-processor.html
Or I'd change the mapping for the field and change its format so you don't have to pre-process it: https://www.elastic.co/guide/en/elasticsearch/reference/5.4/mapping-date-format.html
1 Like
Okay i'll check , thanks my friend 
Where do you put the processor ?
In an ingest pipeline: https://www.elastic.co/guide/en/elasticsearch/reference/5.4/ingest.html
1 Like
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.