Filebeat - Module Elasticsearch - Parsing date

vasek · November 13, 2019, 7:01am

Hello,
I am using Filebeat Elasticsearch Module, but timestamp is not parsed from elasticsearch logs. Can Filebeat Elasticsearch Module parse timestamp from elasticsearch logs? From some reason I see all collected documents in index with the same timestamp.

I am using Elasticstack components of version 7.0.1.

shaunak · November 13, 2019, 5:57pm

Can you share the following information:

your modules.d/elasticsearch.yml
some sample lines from the Elasticsearch log that are not being parsed correctly
a document from the index corresponding to one of the sample lines from above, showing the badly-parsed timestamp
Elasticsearch generates mutiple log files — please tell us if this is the server log, deprecation log, or some other log.

Thanks,

Shaunak

system · December 11, 2019, 5:57pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat collect log and output to es but occur time parse error Beats filebeat	7	785	November 20, 2020
Filebeat - json - elastic search - decoding time stamps Beats	2	546	November 22, 2017
Timestamps do not match Beats filebeat	4	4721	July 5, 2017
Elasticsearch json logging @timestamp missing Elasticsearch	1	591	August 26, 2022
Filebeat harvests log from elasticsearch and store field 'timestamp' without converting to utc time Beats elastic-stack-monitoring , filebeat	4	584	February 14, 2019

Filebeat - Module Elasticsearch - Parsing date

Related Topics