winlogbeat uses the log parsed time as @timestamp. I have requirement to add a field to index the time the log gets gathered by the beat. Is there a way to do so?
You would need use Logstash to add another timestamp to the event.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.