Generating timestamp by concatenating date from filename and time from log events

Hi,

I have a log file as follows:-
Loading jar:file:/D:/smart/ProgramFiles/liferay-portal-6.0.5/tomcat-6.0.26/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/system.properties
Loading jar:file:/D:/smart/ProgramFiles/liferay-portal-6.0.5/tomcat-6.0.26/webapps/ROOT/WEB-INF/lib/portal-impl.jar!/portal.properties
Loading file:/D:/smart/ProgramFiles/liferay-portal-6.0.5/tomcat-6.0.26/webapps/ROOT/WEB-INF/classes/portal-ext.properties
18:39:48,986 INFO [DialectDetector:69] Determining dialect for Oracle 11
18:39:49,267 INFO [DialectDetector:49] Using dialect org.hibernate.dialect.Oracle10gDialect
18:39:59,149 INFO [PortalImpl:277] Global lib directory /D:/smart/ProgramFiles/liferay-portal-6.0.5/tomcat-6.0.26/lib/ext/
18:39:59,163 INFO [PortalImpl:297] Portal lib directory

Atmost all log events have starting format as HH:mm:ss,SSS. The log file names are as follows:-
stdout_20161220
stdout_20161026

I need to take the date from file name and time from log events and put in field timestamp. How is it possible??

The file path should be in the path field so you can use a grok filter to extract the date. Use another grok filter to extract the timestamp (and other fields) from each message and use a mutate filter to combine the date and the time into a single field. Finally use a date filter to parse that timestamp.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.