Elasticsearch Date Processor not parsing properly

gerard1 · October 22, 2019, 9:24am

I'm trying to parse a log date with an Elasticsearch ingest pipeline, using date processor, but the parsed date is not correct.
All the other pipelines that I've created work correctly, except this one.

Here is what I'm using:

Raw log date: Tue Oct 22 10:58:00.645020 2019
Processor:
"date": { "field": "log.time", "target_field": "@timestamp", "formats": ["EEE MMM dd H:m:s.SSSSSS yyyy"] }
Result: 2019-10-22T00:00:00.000Z

The date shown in the log.time field is correct (Tue Oct 22 10:58:00.645020 2019)

I've also tried the following format, without success: EEE MMM dd HH:mm:ss.SSSSSS yyyy

Glen_Smith · October 23, 2019, 4:21am

Maybe instead of S (fraction-of-second), try n (nano-of-second).

gerard1 · October 23, 2019, 6:59am

Doesn't work neither.

gerard1 · October 23, 2019, 7:05am

Apparently, I was looking at the wrong timestamp field (ingest one)...

Using EEE MMM dd H:m:s.SSSSSS yyyy works.

system · November 20, 2019, 7:05am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Date processor error Elasticsearch ingest-pipeline	4	440	August 17, 2021
Date processor ingest pipeline failed to parse Elasticsearch ingest-pipeline	5	879	June 9, 2022
Ingest date with 12 hour format Elasticsearch	5	2012	August 8, 2019
Date processor - Pipeline Elasticsearch ingest-pipeline	4	1157	March 19, 2022
Date extract in elastic is showing as String Type and NOT Date Elasticsearch	4	372	May 7, 2020

Elasticsearch Date Processor not parsing properly

Related Topics