Filebeat - Module Elasticsearch - Parsing date

vasek · November 13, 2019, 7:01am

Hello,
I am using Filebeat Elasticsearch Module, but timestamp is not parsed from elasticsearch logs. Can Filebeat Elasticsearch Module parse timestamp from elasticsearch logs? From some reason I see all collected documents in index with the same timestamp.

I am using Elasticstack components of version 7.0.1.

shaunak · November 13, 2019, 5:57pm

Can you share the following information:

your modules.d/elasticsearch.yml
some sample lines from the Elasticsearch log that are not being parsed correctly
a document from the index corresponding to one of the sample lines from above, showing the badly-parsed timestamp
Elasticsearch generates mutiple log files — please tell us if this is the server log, deprecation log, or some other log.

Thanks,

Shaunak

Topic		Replies	Views
Filebeat collect log and output to es but occur time parse error Beats filebeat	7	874	November 20, 2020
Get timestamp from log lines Beats filebeat	4	11920	February 28, 2018
Filebeat's elasticsearch module output wrong timestamp on Kibana Logs Beats filebeat	1	1098	June 25, 2019
Elasticsearch json logging @timestamp missing Elasticsearch	1	694	August 26, 2022
Filebeat uses process time instead event time Beats filebeat	2	538	June 18, 2021

Filebeat - Module Elasticsearch - Parsing date

Related topics