GROK Filter - Extract Year and Month

JeremyP · December 10, 2021, 9:08pm

Hi.... I'm looking for some help on creating a new field based on a grok pattern.

Here is the field in question:

"last_assessed_for_vulnerabilities": "2021-12-10T07:05:41.154Z"

I'm looking to create the following field using the year and month date...

report_period : 2021-12

I'm close, but I can't seem to get GROK to process the month properly. Any help is appreciated!

Badger · December 10, 2021, 10:01pm

How about

grok {
    pattern_definition => { "MYDATE" => "%{YEAR}-%{MONTHNUM}" }
    match => { "last_assessed_for_vulnerabilities" => "^%{MYDATE:someFeild}" }
}

system · January 7, 2022, 10:02pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Extract Month and Year from date field Logstash	8	5796	December 20, 2019
Parsing date field value using grok match Logstash	2	471	July 6, 2017
Grok filter date format Logstash	2	1176	November 29, 2017
Request help with a grok filter pattern for date Logstash	3	560	July 6, 2017
Grok DATA as MONTH-NUMBER Logstash	2	691	March 15, 2020

GROK Filter - Extract Year and Month

Related topics