How I can replace time with actual time in my log file?

sbke_baap · July 17, 2019, 7:05am

While uploading my data, the time field is getting update with the uploading time.

Given below is my sample data

<134> id=firewall sn=C0EAE4F8239E time="2019-03-01 03:26:12 UTC" fw=203.109.120.130 pri=6 c=1024 m=537 msg="Connection Closed" app=49279 appName="Service SMB" n=1083492749 src=172.25.23.102:52096:X6 dst=116.199.6.106:445:X7 proto=tcp/445 sent=52 spkt=1

Code I'm using

date {
match => ["time" , "yyyy-MM-dd' HH:mm:ss ZZZ"]
remove_field => [ "timestamp" ]
} Screenshot%20(12)

Badger · July 17, 2019, 1:27pm

Remove the ' at the end of the date pattern in your date filter. I would also remove the remove_field option since it does nothing.

system · August 14, 2019, 1:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Replace timestamp with actual time from the log Logstash	2	294	February 15, 2019
Logstash - replace @timestamp Logstash	3	311	February 16, 2021
How do I replace timestamp field with the time stamp field inside my log file? Logstash	7	8354	November 3, 2017
Replace @timestamp to time from actual log file Logstash	12	1064	July 7, 2020
Logstash date filter not replacing @timestamp field Logstash	4	1241	April 1, 2017

How I can replace time with actual time in my log file?

Related topics