GROK Filter - Extract Year and Month

JeremyP · December 10, 2021, 9:08pm

Hi.... I'm looking for some help on creating a new field based on a grok pattern.

Here is the field in question:

"last_assessed_for_vulnerabilities": "2021-12-10T07:05:41.154Z"

I'm looking to create the following field using the year and month date...

report_period : 2021-12

I'm close, but I can't seem to get GROK to process the month properly. Any help is appreciated!

Badger · December 10, 2021, 10:01pm

How about

grok {
    pattern_definition => { "MYDATE" => "%{YEAR}-%{MONTHNUM}" }
    match => { "last_assessed_for_vulnerabilities" => "^%{MYDATE:someFeild}" }
}

system · January 7, 2022, 10:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Logstash custom DATE fields (extracted by regex or custom patterns) how to convert it to DATE field Elasticsearch	8	552	January 4, 2024
Logstash date filter and Timestamp Logstash	4	697	August 11, 2020
Yet another @timestamp log file trouble... but it should be easy! Logstash	34	11542	July 6, 2017
Need a date parser for my custom date fielsd Logstash	3	1263	July 6, 2017
Grok Pattern for date and time format "03-MAR-21 00:40:21" Logstash	4	17292	May 21, 2021

GROK Filter - Extract Year and Month

Related Topics