Is there a way ElasticSearch can still map this timestamp field without errors?
Thanks,
Tony
Can you elaborate a little more on your issues please.
Where are you getting this? Where is the data coming from?
Hello Mark,
I was getting this from Suricata logs under windows, the linux timestamp was fine so I was able to see those devices in elasticsearch. The data was read by filebeat and sent to elasticsearch. Please note that I was able to correct the issue by updating Suricata to the latest version 6.0.1 so this is no longer a problem.
Regards,
Tony
1 Like
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.