Extract datatime in log and convert in datatime field?

Nikolas1306 · October 19, 2022, 3:14pm

i ve this config in logstash

filter
{

grok {
   match => ["message", "%{TIMESTAMP_ISO8601:timestamp_message}"]
}


  date {
           match => ["timestamp_message","YYYY-MM-dd HH:mm:ss"]
           target => "@timestamp"
      } 
}

but in my kibana "timestamp_message" is not datetime filelds and is not have order

Badger · October 19, 2022, 9:57pm

Your [timestamp_message] field has milliseconds. Your date filter has to consume that. Try "YYYY-MM-dd HH:mm:ss,SSS".

Nikolas1306 · October 19, 2022, 11:06pm

hello i've resolved with


grok {
   match => ["message", "%{TIMESTAMP_ISO8601:logmessage}"]
 }


           
           date {
	         match => [ "logmessage", "ISO8601", "YYYY-MM-dd HH:mm:ss" ]
	         target => "logdate"
	        
        }

system · November 16, 2022, 11:07pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Grok filter TIMESTAMP_ISO8601 appears in Kibana as String Logstash	4	1695	January 11, 2021
Is there a way to match Timestamps with the time in the message of the log Logstash	10	394	August 26, 2020
How to convert and store logs time in a field with date type. I'm new to it and need to show some results asap Logstash	5	1149	March 7, 2019
Unable to parse datetime from log message Logstash	5	960	February 21, 2019
Strugging with the date filter Logstash	3	531	July 25, 2018

Extract datatime in log and convert in datatime field?

Related topics