Hi,
I have this situation where I have installed filebeat in a server to monitor OASIS application logs.
Their log is not very constant and has multiple formats across 100 files.
Is there a way to pickup the time of the event in the log message without a GROK? The @timestamp shows the time of when the logs were parsed in Logstash, so thats not ideally correct.
The logs only follow a limited number of date patterns, which I want to extract from the message. Nothing else.
Thanks!
Regards,
Katara