Get the right timestamp for old log files

simonrisberg · July 24, 2015, 9:47am

input {
  syslog {
    port => 5514
    codec => "json"
  }
  file {
    path => "/var/externallogs_maven/data"
    type => "nexus-log"
    start_position => "beginning"
  }
}
filter {

   grok {

     type => "nexus-log"

     match => [
        "message", "\b\w+\b\s/nexus/content/repositories/(?<repositories>[^/]+)",
        "message", "(?<mytimestamp>%{MONTHDAY}/%{MONTH}/%{YEAR}:%{HOUR}:%{MINUTE}:%{SECOND} %{ISO8601_TIMEZONE})"

      ]
   }
   date{
      match => ["mytimestamp", "dd/MMM/YYYY:HH:mm:ss Z" ]

   }

}
output {


  elasticsearch{
    host => es
    port => 9300
    cluster => "elkjepp"
    protocol => "transport"
 }
 stdout { codec => rubydebug }
}

Topic		Replies	Views
How to make an own timestamp from old log file Logstash	6	1545	October 6, 2017
Simple question about timestamp in logs Kibana	4	219	April 9, 2023
Timestamp => @timestamp Logstash	17	4043	June 14, 2017
Make @timestamp the same as Log's timestamp Logstash	5	303	July 21, 2019
Changing timestamp Logstash	7	1164	July 6, 2017

Get the right timestamp for old log files

Related topics