This is my log file:
21/Oct/2015:12:28:13 +0530
21/Oct/2015:12:28:13 +0530
21/Oct/2015:12:28:13 +0530
21/Oct/2015:12:28:13 +0530
21/Oct/2015:12:28:13 +0530
21/Oct/2015:12:28:13 +0530
And this is my output:
Logstash startup completed
{
"message" => "21/Oct/2015:12:28:13 +0530\r",
"@version" => "1",
"@timestamp" => "2015-10-21T06:58:13.000Z",
"host" => "7LH4ZR1",
"path" => "C:\Users\eagasur\logs1.log",
"mytimestamp" => "21/Oct/2015:12:28:13 +0530"
}
{
"message" => "21/Oct/2015:12:28:13 +0530\r",
"@version" => "1",
"@timestamp" => "2015-10-21T06:58:13.000Z",
"host" => "7LH4ZR1",
"path" => "C:\Users\eagasur\logs1.log",
"mytimestamp" => "21/Oct/2015:12:28:13 +0530"
}
As logstash generates its own timestamp in the field @timestamp. But i have to use mytimestamp of the old logfile for plotting the graph in Kibana so i am trying to replace the @timestamp with mytimestamp. But its not working.
I have used the same procedure as discussed in the link: