Help with converting timestamp

pmohan · June 13, 2017, 2:44pm

below is my log line , I use the json filter and that works perfectly fine. I just need to get the log time stamp sorted in a readable format .
timestamp:"unix timestamp, in nanoseconds, when the log message was created"

"timestamp": 1497360775545000192,

trying this and isn't working
mutate {

rename field from 'name' to 'browser_name'

rename => { "timestamp" => "logtimestamp" }
}
mutate {
convert => {"logtimestamp" => "integer" }
}

date {
match => ["logtimestamp", "UNIX" ]
target => "logTimestamp_updated"
}

magnusbaeck · June 14, 2017, 5:47am

The UNIX pattern assumes the input is seconds but you have nanoseconds. I suggest you use UNIX_MS instead and remove the six last digits of timestamp to turn it into milliseconds. You can use a mutate filter's gsub option to trim digits off the tail end.

pmohan · June 14, 2017, 2:25pm

Thanks so much for your reply !
It works perfect now!

Topic		Replies	Views
Howto convert UNIX timestamp json field into ISO8601 format Logstash	6	3702	September 18, 2018
Convert NanoSecond Unix timestamp Logstash	9	1963	February 28, 2023
How to convert a unix_timestamp field to a new date field Logstash	2	19775	July 6, 2017
Logstash Unix Timestamp convert to milliseconds Logstash	2	2125	May 2, 2017
How to convert timestamp in logstash Logstash	3	926	July 13, 2017

Help with converting timestamp

rename field from 'name' to 'browser_name'

Related topics