winlogbeat uses the log parsed time as @timestamp. I have requirement to add a field to index the time the log gets gathered by the beat. Is there a way to do so?
You would need use Logstash to add another timestamp to the event.
winlogbeat uses the log parsed time as @timestamp. I have requirement to add a field to index the time the log gets gathered by the beat. Is there a way to do so?
You would need use Logstash to add another timestamp to the event.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.