Grok filter match with joda datetime pattern?

Elastic Stack Logstash
1

Hi guys,

I have this configuration (part of)

filter {
if [type] == "gflogs"
{
grok {
match => { "message" => "%{TIMESTAMP_ISO8601:TimestampTemp}" }
}
date {
match => [ "TimestampTemp", "ISO8601" ]
remove_field => [ "TimestampTemp" ]
}
}

else if [type] == "planauflogs"
{
grok {
match => { "message" => "%{'yyyyMMdd-HHmmss':TimestampTemp}" }
}
date {
match => [ "TimestampTemp", "ISO8601" ]
remove_field => [ "TimestampTemp" ]
}

The filter for the type "gflogs" works, but I can´t get the filter for the type "planauflogs" working.
Can anybody please (please please :slight_smile: ) help me out here ?

Many thanks in advance and greetings,

Wurzelseppi

2

Just a question guys. In the meantime I solved it myself, but i wonder why there weren´t any responses here ?
Please give me ping shortly if you can read this. Otherwise I have to wonder if anybody can read this at all .... :slight_smile:

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.