Hello,
I'm dealing with this problem for quite some time now and after reading all topics related to this, I still wasn't able to find the solution. I am trying to replace the @timestamp field with my log timestamp having the pattern:
2020-04-13T13:51:30,127+0300.
I am sending the logs through a TCP socket from a Maven log4j2 application.
I keep getting the _dateparsefailure tag in Kibana. I have tried matching with the "ISO8601" but failed as well. If anyone has an idea about what could be the problem, please help. Thank you!
Would it be possible to temporarily disable the elasticsearch output and use stdout { codec => rubydebug } instead to see the content of the timestamp field?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.